CVSS: 5.5EPSS: 0%CPEs: 39EXPL: 0CVE-2020-17521 – groovy: OS temporary directory leads to information disclosure
https://notcve.org/view.php?id=CVE-2020-17521
07 Dec 2020 — Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Users not using the extension methods mentioned in the advisory are not affected, but may wish to read the advisory for further details. Versions Affected: 2.0 to 2.4.20, 2.5.0 to 2.5.13, 3.0.0 to 3.0.6, and 4.0.0-alpha-1. Fixed in ve... • https://groovy-lang.org/security.html#CVE-2020-17521 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.2EPSS: 3%CPEs: 2EXPL: 0CVE-2020-14595
https://notcve.org/view.php?id=CVE-2020-14595
15 Jul 2020 — Vulnerability in the Oracle iLearning product of Oracle iLearning (component: Assessment Manager). Supported versions that are affected are 6.1 and 6.1.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iLearning accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of O... • https://www.oracle.com/security-alerts/cpujul2020.html •
CVSS: 4.7EPSS: 1%CPEs: 1EXPL: 0CVE-2020-2709
https://notcve.org/view.php?id=CVE-2020-2709
15 Jan 2020 — Vulnerability in the Oracle iLearning product of Oracle iLearning (component: Learner Pages). The supported version that is affected is 6.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iLearning, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in u... • https://www.oracle.com/security-alerts/cpujan2020.html •
CVSS: 8.2EPSS: 1%CPEs: 2EXPL: 0CVE-2018-3146
https://notcve.org/view.php?id=CVE-2018-3146
17 Oct 2018 — Vulnerability in the Oracle iLearning component of Oracle iLearning (subcomponent: Learner Administration). Supported versions that are affected are 6.1 and 6.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iLearning, attacks may significantly impact additional products. Successful attacks of this vulnerab... • http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-0508
https://notcve.org/view.php?id=CVE-2016-0508
21 Jan 2016 — Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect integrity via unknown vectors related to Learner Administration. Vulnerabilidad no especificada en el componente Oracle iLearning en Oracle iLearning 6.0 y 6.1 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con Learner Administration. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2015-0436
https://notcve.org/view.php?id=CVE-2015-0436
21 Jan 2015 — Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect confidentiality via unknown vectors related to Login. Vulnerabilidad no especificada en el componente Oracle iLearning en Oracle iLearning 6.0 y 6.1 permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con el inicio de sesión (Login). • http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2014-6594
https://notcve.org/view.php?id=CVE-2014-6594
21 Jan 2015 — Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect confidentiality via unknown vectors related to Learner Pages. Vulnerabilidad no especificada en el componente Oracle iLearning en Oracle iLearning 6.0 y 6.1 permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con Learner Pages. • http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2014-2471
https://notcve.org/view.php?id=CVE-2014-2471
16 Apr 2014 — Unspecified vulnerability in the Oracle iLearning component in Oracle iLearning 6.0 and 6.1 allows remote attackers to affect integrity via unknown vectors related to Learner Pages. Vulnerabilidad no especificada en el componente Oracle iLearning component en Oracle iLearning 6.0 y 6.1 permite a atacantes remotos afectar la integridad a través de vectores relacionados con Learner Pages. • http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html •