VYPR

CVEs

100,075 total · page 1344 of 2,002

  • CVE-2020-27858HigJan 20, 2021
    risk 0.55cvss 7.5epss 0.74

    This vulnerability allows remote attackers to disclose sensitive information on affected installations of CA Arcserve D2D 16.5. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getNews method. Due to the improper restriction of…

  • CVE-2020-6024HigJan 20, 2021
    risk 0.51cvss 7.8epss 0.00

    Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all…

  • CVE-2021-21269HigJan 20, 2021
    risk 0.50cvss 7.7epss 0.01

    Keymaker is a Mastodon Community Finder based Matrix Community serverlist page Server. In Keymaker before version 0.2.0, the assets endpoint did not check for the extension. The rust `join` method without checking user input might have made it abe to do a Path Traversal attack…

  • CVE-2020-28483HigJan 20, 2021
    risk 0.39cvss 7.1epss 0.01

    This affects all versions of package github.com/gin-gonic/gin. When gin is exposed directly to the internet, a client's IP can be spoofed by setting the X-Forwarded-For header.

  • CVE-2020-25682HigJan 20, 2021
    risk 0.58cvss 8.1epss 0.71

    A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the network, who can create valid DNS replies, could use this flaw to cause an…

  • CVE-2020-25681HigJan 20, 2021
    risk 0.59cvss 8.1epss 0.81

    A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge DNS replies such as that they are accepted as valid, could use this flaw to…

  • CVE-2020-14360HigJan 20, 2021
    risk 0.51cvss 7.8epss 0.00

    A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

  • CVE-2021-2129HigJan 20, 2021
    risk 0.51cvss 7.9epss 0.01

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox…

  • CVE-2021-2118HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Administration). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via…

  • CVE-2021-2115HigJan 20, 2021
    risk 0.49cvss 7.6epss 0.01

    Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Tasks). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP…

  • CVE-2021-2114HigJan 20, 2021
    risk 0.58cvss 8.2epss 0.59

    Vulnerability in the Oracle Common Applications Calendar product of Oracle E-Business Suite (component: Applications Calendar). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with…

  • CVE-2021-2109HigJan 20, 2021
    risk 0.55cvss 7.2epss 0.70

    Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with…

  • CVE-2021-2107HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network…

  • CVE-2021-2106HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network…

  • CVE-2021-2105HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network…

  • CVE-2021-2104HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via…

  • CVE-2021-2103HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via…

  • CVE-2021-2102HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Complex Maintenance, Repair, and Overhaul product of Oracle Supply Chain (component: Dialog Box). Supported versions that are affected are 11.5.10, 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via…

  • CVE-2021-2099HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Supported versions that are affected are 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2021-2098HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2097HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Profile). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise…

  • CVE-2021-2096HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2094HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Print Server). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via…

  • CVE-2021-2093HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM User Management Framework). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network…

  • CVE-2021-2092HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2091HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Scripting product of Oracle E-Business Suite (component: Miscellaneous). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2090HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2089HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Runtime Catalog). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2085HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2084HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2083HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: User Responsibilities). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2082HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2080HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Configurator product of Oracle Supply Chain (component: UI Servlet). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle…

  • CVE-2021-2079HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Configurator product of Oracle Supply Chain (component: UI Servlet). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle…

  • CVE-2021-2078HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle Configurator product of Oracle Supply Chain (component: UI Servlet). Supported versions that are affected are 12.1 and 12.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle…

  • CVE-2021-2077HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.01

    Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2074HigJan 20, 2021
    risk 0.53cvss 8.2epss 0.00

    Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox…

  • CVE-2021-2071HigJan 20, 2021
    risk 0.53cvss 8.1epss 0.02

    Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search). Supported versions that are affected are 8.56, 8.57 and 8.58. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2069HigJan 20, 2021
    risk 0.56cvss 8.6epss 0.01

    Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2068HigJan 20, 2021
    risk 0.56cvss 8.6epss 0.01

    Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2067HigJan 20, 2021
    risk 0.56cvss 8.6epss 0.01

    Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2066HigJan 20, 2021
    risk 0.56cvss 8.6epss 0.01

    Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). Supported versions that are affected are 8.5.4 and 8.5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to…

  • CVE-2021-2063HigJan 20, 2021
    risk 0.55cvss 8.4epss 0.00

    Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where…

  • CVE-2021-2062HigJan 20, 2021
    risk 0.49cvss 7.6epss 0.01

    Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Web Server). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access…

  • CVE-2021-2054HigJan 20, 2021
    risk 0.47cvss 7.2epss 0.02

    Vulnerability in the RDBMS Sharding component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure, Create Any View, Create Any Trigger privilege…

  • CVE-2021-2051HigJan 20, 2021
    risk 0.49cvss 7.6epss 0.01

    Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with…

  • CVE-2021-2050HigJan 20, 2021
    risk 0.49cvss 7.6epss 0.01

    Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with…

  • CVE-2021-2049HigJan 20, 2021
    risk 0.49cvss 7.6epss 0.01

    Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Administration). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network…

  • CVE-2021-2041HigJan 20, 2021
    risk 0.53cvss 8.1epss 0.01

    Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Installation). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network…

  • CVE-2021-2039HigJan 20, 2021
    risk 0.49cvss 7.6epss 0.01

    Vulnerability in the Siebel Core - Server Framework product of Oracle Siebel CRM (component: Search). Supported versions that are affected are 20.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Siebel Core…