Vulnerabilities > Oracle > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-01-20 | CVE-2021-2004 | Unspecified vulnerability in Oracle Server Bizlogic Script 20.12 Vulnerability in the Siebel Core - Server BizLogic Script product of Oracle Siebel CRM (component: Integration - Scripting). | 4.0 |
| 2021-01-20 | CVE-2021-2003 | Unspecified vulnerability in Oracle Business Intelligence Vulnerability in the Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web Dashboards). network oracle | 4.9 |
| 2021-01-20 | CVE-2021-2002 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). | 4.9 |
| 2021-01-20 | CVE-2021-2001 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). | 4.9 |
| 2021-01-20 | CVE-2021-1997 | Unspecified vulnerability in Oracle Hospitality Reporting and Analytics 9.1 Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Report). | 5.5 |
| 2021-01-20 | CVE-2021-1995 | Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). | 4.0 |
| 2021-01-14 | CVE-2021-24122 | Use of Incorrectly-Resolved Name or Reference vulnerability in multiple products When serving resources from a network location using the NTFS file system, Apache Tomcat versions 10.0.0-M1 to 10.0.0-M9, 9.0.0.M1 to 9.0.39, 8.5.0 to 8.5.59 and 7.0.0 to 7.0.106 were susceptible to JSP source code disclosure in some configurations. | 5.9 |
| 2021-01-11 | CVE-2020-25659 | python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext. | 5.9 |
| 2021-01-06 | CVE-2020-8287 | HTTP Request Smuggling vulnerability in multiple products Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). | 6.5 |
| 2021-01-05 | CVE-2020-27845 | Out-of-bounds Read vulnerability in multiple products There's a flaw in src/lib/openjp2/pi.c of openjpeg in versions prior to 2.4.0. | 5.5 |