CVSS: 8.1EPSS: 1%CPEs: 4EXPL: 0CVE-2020-14626 – Gentoo Linux Security Advisory 202105-27
https://notcve.org/view.php?id=CVE-2020-14626
15 Jul 2020 — Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Business Intelligence Enterprise Edition. CVSS ... • https://security.gentoo.org/glsa/202105-27 •
CVSS: 8.6EPSS: 2%CPEs: 4EXPL: 0CVE-2020-14609
https://notcve.org/view.php?id=CVE-2020-14609
15 Jul 2020 — Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web Answers). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracl... • https://www.oracle.com/security-alerts/cpujul2020.html •
CVSS: 3.4EPSS: 0%CPEs: 2EXPL: 0CVE-2020-14548
https://notcve.org/view.php?id=CVE-2020-14548
15 Jul 2020 — Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Business Intelligenc... • https://www.oracle.com/security-alerts/cpujul2020.html •
CVSS: 9.8EPSS: 81%CPEs: 2EXPL: 1CVE-2020-9480
https://notcve.org/view.php?id=CVE-2020-9480
23 Jun 2020 — In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication (spark.authenticate) via a shared secret. When enabled, however, a specially-crafted RPC to the master can succeed in starting an application's resources on the Spark cluster, even without the shared key. This can be leveraged to execute shell commands on the host machine. This does not affect Spark clusters using other resource managers (YARN, Mesos, etc). En Apache Spark versión 2.4.5 y ve... • https://github.com/XiaoShaYu617/CVE-2020-9480 • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.8EPSS: 11%CPEs: 81EXPL: 8CVE-2020-11023 – JQuery Cross-Site Scripting (XSS) Vulnerability
https://notcve.org/view.php?id=CVE-2020-11023
29 Apr 2020 — In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing
CVSS: 9.8EPSS: 86%CPEs: 4EXPL: 1CVE-2020-2950 – Oracle Business Intelligence AMF Deserialization of Untrusted Data Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-2950
15 Apr 2020 — Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Business Intelligence Enterprise Edition. CVSS 3.... • https://github.com/tuo4n8/CVE-2020-2950 •
CVSS: 8.2EPSS: 1%CPEs: 1EXPL: 0CVE-2020-2840
https://notcve.org/view.php?id=CVE-2020-2840
15 Apr 2020 — Vulnerability in the Oracle E-Business Intelligence product of Oracle E-Business Suite (component: DBI Setups). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle E-Business Intelligence. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle E-Business Intelligence, attacks may significantly impact additional products. S... • https://www.oracle.com/security-alerts/cpuapr2020.html •
CVSS: 8.2EPSS: 1%CPEs: 1EXPL: 0CVE-2020-2808
https://notcve.org/view.php?id=CVE-2020-2808
15 Apr 2020 — Vulnerability in the Oracle E-Business Intelligence product of Oracle E-Business Suite (component: DBI Setups). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle E-Business Intelligence. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle E-Business Intelligence, attacks may significantly impact additional products. S... • https://www.oracle.com/security-alerts/cpuapr2020.html •
CVSS: 8.2EPSS: 1%CPEs: 1EXPL: 0CVE-2020-2809
https://notcve.org/view.php?id=CVE-2020-2809
15 Apr 2020 — Vulnerability in the Oracle E-Business Intelligence product of Oracle E-Business Suite (component: DBI Setups). Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle E-Business Intelligence. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle E-Business Intelligence, attacks may significantly impact additional products. S... • https://www.oracle.com/security-alerts/cpuapr2020.html •
CVSS: 3.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-2531
https://notcve.org/view.php?id=CVE-2020-2531
15 Jan 2020 — Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: BI Platform Security). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauth... • https://www.oracle.com/security-alerts/cpujan2020.html •