| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2020-14000 | MIT Lifelong Kindergarten Scratch scratch-vm before 0.2.0-prerelease.20200714185213 loads extension ... | | |
| CVE-2020-14001 | The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by de... | S | |
| CVE-2020-14002 | PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorith... | | |
| CVE-2020-14004 | An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of the i... | E S | |
| CVE-2020-14005 | Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows re... | | |
| CVE-2020-14006 | Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XS... | E | |
| CVE-2020-14007 | Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XS... | E | |
| CVE-2020-14008 | Zoho ManageEngine Applications Manager 14710 and before allows an authenticated admin user to upload... | E | |
| CVE-2020-14009 | Proofpoint Enterprise Protection (PPS/PoD) before 8.16.4 contains a vulnerability that could allow a... | | |
| CVE-2020-14010 | The Laborator Xenon theme 1.3 for WordPress allows Reflected XSS via the data/typeahead-generate.php... | E | |
| CVE-2020-14011 | Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is configured ... | | |
| CVE-2020-14012 | scp/categories.php in osTicket 1.14.2 allows XSS via a Knowledgebase Category Name or Category Descr... | E | |
| CVE-2020-14014 | An issue was discovered in Navigate CMS 2.8 and 2.9 r1433. The query parameter fid on the resource n... | E | |
| CVE-2020-14015 | An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a user is email... | E | |
| CVE-2020-14016 | An issue was discovered in Navigate CMS 2.9 r1433. The forgot-password feature allows users to reset... | E | |
| CVE-2020-14017 | An issue was discovered in Navigate CMS 2.9 r1433. Sessions, as well as associated information such ... | E | |
| CVE-2020-14018 | An issue was discovered in Navigate CMS 2.9 r1433. There is a stored XSS vulnerability that is execu... | E | |
| CVE-2020-14019 | Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shu... | | |
| CVE-2020-14021 | An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The ASP.net SMS module can be used t... | E | |
| CVE-2020-14022 | Ozeki NG SMS Gateway 4.17.1 through 4.17.6 does not check the file type when bulk importing new cont... | E | |
| CVE-2020-14023 | Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS.... | E | |
| CVE-2020-14024 | Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabi... | E | |
| CVE-2020-14025 | Ozeki NG SMS Gateway through 4.17.6 has multiple CSRF vulnerabilities. For example, an administrator... | E | |
| CVE-2020-14026 | CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the Export Of Contacts feat... | E | |
| CVE-2020-14027 | An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The database connection strings acce... | E | |
| CVE-2020-14028 | An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. By leveraging a path traversal vulne... | E | |
| CVE-2020-14029 | An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The RSS To SMS module processes XML ... | E | |
| CVE-2020-14030 | An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. It stores SMS messages in .NET seria... | S | |
| CVE-2020-14031 | An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The outbox functionality of the TXT ... | E | |
| CVE-2020-14032 | ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM.... | E | |
| CVE-2020-14033 | An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_streaming_r... | S | |
| CVE-2020-14034 | An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_get_codec_f... | S | |
| CVE-2020-14039 | In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOpti... | S | |
| CVE-2020-14040 | The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to th... | | |
| CVE-2020-14042 | ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Site Scripting (XSS) vulnerability was found in Co... | E | |
| CVE-2020-14043 | ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Side Request Forgery (CSRF) vulnerability was foun... | E | |
| CVE-2020-14044 | ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Server-Side Request Forgery (SSRF) vulnerability was fou... | E | |
| CVE-2020-14048 | Zoho ManageEngine ServiceDesk Plus before 11.1 build 11115 allows remote unauthenticated attackers t... | | |
| CVE-2020-14049 | Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious websit... | E M | |
| CVE-2020-14054 | SOKKIA GNR5 Vanguard WEB version 1.2 (build: 91f2b2c3a04d203d79862f87e2440cb7cefc3cd3) and hardware ... | | |
| CVE-2020-14055 | Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting vulnerability in the language s... | | |
| CVE-2020-14056 | Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficie... | | |
| CVE-2020-14057 | Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations. This allo... | | |
| CVE-2020-14058 | An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dange... | S | |
| CVE-2020-14059 | An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of ... | S | |
| CVE-2020-14060 | FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadg... | S | |
| CVE-2020-14061 | FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadg... | S | |
| CVE-2020-14062 | FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadg... | S | |
| CVE-2020-14063 | A stored Cross-Site Scripting (XSS) vulnerability in the TC Custom JavaScript plugin before 1.2.2 fo... | E | |
| CVE-2020-14064 | IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts.... | | |
| CVE-2020-14065 | IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space.... | | |
| CVE-2020-14066 | IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaScript files that are dangerous ... | | |
| CVE-2020-14067 | The install_from_hash functionality in Navigate CMS 2.9 does not consider the .phtml extension when ... | S | |
| CVE-2020-14068 | An issue was discovered in MK-AUTH 19.01. The web login functionality allows an attacker to bypass a... | | |
| CVE-2020-14069 | An issue was discovered in MK-AUTH 19.01. There are SQL injection issues in mkt/ PHP scripts, as dem... | | |
| CVE-2020-14070 | An issue was discovered in MK-AUTH 19.01. There is authentication bypass in the web login functional... | | |
| CVE-2020-14071 | An issue was discovered in MK-AUTH 19.01. XSS vulnerabilities in admin and client scripts allow an a... | | |
| CVE-2020-14072 | An issue was discovered in MK-AUTH 19.01. It allows command execution as root via shell metacharacte... | | |
| CVE-2020-14073 | XSS exists in PRTG Network Monitor 20.1.56.1574 via crafted map properties. An attacker with Read/Wr... | E | |
| CVE-2020-14074 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.... | | |
| CVE-2020-14075 | TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the... | | |
| CVE-2020-14076 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.... | E | |
| CVE-2020-14077 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.... | | |
| CVE-2020-14078 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.... | | |
| CVE-2020-14079 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.... | | |
| CVE-2020-14080 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary.... | | |
| CVE-2020-14081 | TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the... | | |
| CVE-2020-14092 | The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection.... | | |
| CVE-2020-14093 | Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response.... | S | |
| CVE-2020-14094 | In Xiaomi router R3600, ROM version<1.0.20, the connection service can be injected through the web i... | | |
| CVE-2020-14095 | In Xiaomi router R3600, ROM version<1.0.20, a connect service suffers from an injection vulnerabilit... | | |
| CVE-2020-14096 | Memory overflow in Xiaomi AI speaker Rom version <1.59.6 can happen when the speaker verifying a mal... | | |
| CVE-2020-14097 | Wrong nginx configuration, causing specific paths to be downloaded without authorization. This affec... | | |
| CVE-2020-14098 | The login verification can be bypassed by using the problem that the time is not synchronized after ... | | |
| CVE-2020-14099 | On Xiaomi router AX1800 rom version < 1.0.336 and RM1800 root version < 1.0.26, the encryption schem... | | |
| CVE-2020-14100 | In Xiaomi router R3600 ROM version<1.0.66, filters in the set_WAN6 interface can be bypassed, causin... | | |
| CVE-2020-14101 | The data collection SDK of the router web management interface caused the leakage of the token. This... | | |
| CVE-2020-14102 | There is command injection when ddns processes the hostname, which causes the administrator user to ... | | |
| CVE-2020-14103 | The application in the mobile phone can read the SNO information of the device, Xiaomi 10 MIUI < 202... | | |
| CVE-2020-14104 | A RACE CONDITION on XQBACKUP causes a decompression path error on Xiaomi router AX3600 with ROM vers... | | |
| CVE-2020-14105 | The application in the mobile phone can read the SNO information of the device, Xiaomi 10 MIUI < 202... | | |
| CVE-2020-14106 | The application in the mobile phone can unauthorized access to the list of running processes in the ... | | |
| CVE-2020-14107 | A stack overflow in the HTTP server of Cast can be exploited to make the app crash in LAN.... | | |
| CVE-2020-14109 | There is command injection in the meshd program in the routing system, resulting in command executio... | | |
| CVE-2020-14110 | AX3600 router sensitive information leaked.There is an unauthorized interface through luci to obtain... | | |
| CVE-2020-14111 | A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by... | | |
| CVE-2020-14112 | Information Leak Vulnerability exists in the Xiaomi Router AX6000. The vulnerability is caused by in... | | |
| CVE-2020-14114 | information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused b... | | |
| CVE-2020-14115 | A command injection vulnerability exists in the Xiaomi Router AX3600. The vulnerability is caused by... | | |
| CVE-2020-14116 | An intent redirection vulnerability in the Mi Browser product. This vulnerability is caused by the M... | | |
| CVE-2020-14117 | A improper permission configuration vulnerability in Xiaomi Content Center APP. This vulnerability i... | | |
| CVE-2020-14118 | An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the... | | |
| CVE-2020-14119 | There is command injection in the addMeshNode interface of xqnetwork.lua, which leads to command exe... | | |
| CVE-2020-14120 | Some Xiaomi models have a vulnerability in a certain application. The vulnerability is caused by the... | | |
| CVE-2020-14121 | A business logic vulnerability exists in Mi App Store. The vulnerability is caused by incomplete per... | | |
| CVE-2020-14122 | Some Xiaomi phones have information leakage vulnerabilities, and some of them may be able to forge a... | | |
| CVE-2020-14123 | There is a pointer double free vulnerability in Some MIUI Services. When a function is called, the m... | | |
| CVE-2020-14124 | There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code executi... | | |
| CVE-2020-14125 | A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is cause... | | |
| CVE-2020-14126 | Information leakage vulnerability exists in the Mi Sound APP. This vulnerability is caused by illega... | | |
| CVE-2020-14127 | A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is cause... | | |
| CVE-2020-14129 | A logic vulnerability exists in a Xiaomi product. The vulnerability is caused by an identity verific... | | |
| CVE-2020-14130 | Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be malicious... | | |
| CVE-2020-14131 | The Xiaomi Security Center expresses heartfelt thanks to ADLab of VenusTech ! At the same time, we a... | | |
| CVE-2020-14140 | When Xiaomi router firmware is updated in 2020, there is an unauthenticated API that can reveal WIFI... | | |
| CVE-2020-14144 | The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code executi... | E | |
| CVE-2020-14145 | The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information l... | S | |
| CVE-2020-14146 | KumbiaPHP through 1.1.1, in Development mode, allows XSS via the public/pages/kumbia PATH_INFO.... | E | |
| CVE-2020-14147 | An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-depe... | S | |
| CVE-2020-14148 | The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as... | S | |
| CVE-2020-14149 | In uftpd before 2.12, handle_CWD in ftpcmd.c mishandled the path provided by the user, causing a NUL... | E S | |
| CVE-2020-14150 | GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: ther... | | |
| CVE-2020-14151 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-11813. Reason: This candidat... | R | |
| CVE-2020-14152 | In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the ... | | |
| CVE-2020-14153 | In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for ce... | E | |
| CVE-2020-14154 | Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, t... | | |
| CVE-2020-14155 | libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.... | S | |
| CVE-2020-14156 | user_channel/passwd_mgr.cpp in OpenBMC phosphor-host-ipmid before 2020-04-03 does not ensure that /e... | S | |
| CVE-2020-14157 | The wireless-communication feature of the ABUS Secvest FUBE50001 device does not encrypt sensitive d... | E | |
| CVE-2020-14158 | The ABUS Secvest FUMO50110 hybrid module does not have any security mechanism that ensures confident... | | |
| CVE-2020-14159 | By using an Automate API in ConnectWise Automate before 2020.5.178, a remote authenticated user coul... | | |
| CVE-2020-14160 | An SSRF vulnerability in Gotenberg through 6.2.1 exists in the remote URL to PDF conversion, which r... | S | |
| CVE-2020-14161 | It is possible to inject HTML and/or JavaScript in the HTML to PDF conversion in Gotenberg through 6... | S | |
| CVE-2020-14162 | An issue was discovered in Pi-Hole through 5.0. The local www-data user has sudo privileges to execu... | E | |
| CVE-2020-14163 | An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0. Operations ... | S | |
| CVE-2020-14164 | The WYSIWYG editor resource in Jira Server and Data Center before version 8.8.2 allows remote attack... | | |
| CVE-2020-14165 | The UniversalAvatarResource.getAvatars resource in Jira Server and Data Center before version 8.9.0 ... | | |
| CVE-2020-14166 | The /servicedesk/customer/portals resource in Jira Service Desk Server and Data Center before versio... | | |
| CVE-2020-14167 | The MessageBundleResource resource in Jira Server and Data Center before version 7.13.4, from 8.5.0 ... | | |
| CVE-2020-14168 | The email client in Jira Server and Data Center before version 7.13.16, from 8.5.0 before 8.5.7, fro... | | |
| CVE-2020-14169 | The quick search component in Atlassian Jira Server and Data Center before 8.9.1 allows remote attac... | | |
| CVE-2020-14170 | Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote attacker... | | |
| CVE-2020-14171 | Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 allows remote attackers to interc... | | |
| CVE-2020-14172 | This issue exists to document that a security improvement in the way that Jira Server and Data Cente... | | |
| CVE-2020-14173 | The file upload feature in Atlassian Jira Server and Data Center in affected versions allows remote ... | | |
| CVE-2020-14174 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view titles of ... | | |
| CVE-2020-14175 | Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to inject ar... | | |
| CVE-2020-14177 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the appl... | | |
| CVE-2020-14178 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate proje... | | |
| CVE-2020-14179 | Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers t... | | |
| CVE-2020-14180 | Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authe... | | |
| CVE-2020-14181 | Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerat... | E | |
| CVE-2020-14183 | Affected versions of Jira Server & Data Center allow a remote attacker with limited (non-admin) priv... | | |
| CVE-2020-14184 | Affected versions of Atlassian Jira Server allow remote attackers to inject arbitrary HTML or JavaSc... | | |
| CVE-2020-14185 | Affected versions of Jira Server allow remote unauthenticated attackers to enumerate issue keys via ... | | |
| CVE-2020-14188 | The preprocessArgs function in the Atlassian gajira-create GitHub Action before version 2.0.1 allows... | | |
| CVE-2020-14189 | The execute function in in the Atlassian gajira-comment GitHub Action before version 2.0.2 allows re... | | |
| CVE-2020-14190 | Affected versions of Atlassian Fisheye/Crucible allow remote attackers to achieve Regex Denial of Se... | S | |
| CVE-2020-14191 | Affected versions of Atlassian Fisheye/Crucible allow remote attackers to impact the application's a... | S | |
| CVE-2020-14192 | Affected versions of Atlassian Fisheye and Crucible allow remote attackers to view a product's SEN v... | | |
| CVE-2020-14193 | Affected versions of Automation for Jira - Server allowed remote attackers to read and render files ... | | |
| CVE-2020-14194 | Zulip Server before 2.1.5 allows reverse tabnapping via a topic header link.... | | |
| CVE-2020-14195 | FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadg... | | |
| CVE-2020-14196 | In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting acces... | | |
| CVE-2020-14198 | Bitcoin Core 0.20.0 allows remote denial of service.... | S | |
| CVE-2020-14199 | BIP-143 in the Bitcoin protocol specification mishandles the signing of a Segwit transaction, which ... | | |
| CVE-2020-14201 | Dolibarr CRM before 11.0.5 allows privilege escalation. This could allow remote authenticated attack... | E | |
| CVE-2020-14202 | WebFOCUS Business Intelligence 8.0 (SP6) was prone to XSS via arbitrary URL parameters.... | E | |
| CVE-2020-14203 | WebFOCUS Business Intelligence 8.0 (SP6) allows a Cross-Site Request Forgery (CSRF) attack against a... | E | |
| CVE-2020-14204 | In WebFOCUS Business Intelligence 8.0 (SP6), the administration portal allows remote attackers to re... | | |
| CVE-2020-14205 | The DiveBook plugin 1.1.4 for WordPress is prone to improper access control in the Log Dive form bec... | E | |
| CVE-2020-14206 | The DiveBook plugin 1.1.4 for WordPress is prone to unauthenticated XSS within the filter function (... | E | |
| CVE-2020-14207 | The DiveBook plugin 1.1.4 for WordPress was prone to a SQL injection within divelog.php, allowing un... | | |
| CVE-2020-14208 | SuiteCRM 7.11.13 is affected by stored Cross-Site Scripting (XSS) in the Documents preview functiona... | | |
| CVE-2020-14209 | Dolibarr before 11.0.5 allows low-privilege users to upload files of dangerous types, leading to arb... | E | |
| CVE-2020-14210 | Reflected Cross-Site Scripting (XSS) vulnerability in MONITORAPP WAF in which script can be executed... | | |
| CVE-2020-14212 | FFmpeg through 4.3 has a heap-based buffer overflow in avio_get_str in libavformat/aviobuf.c because... | S | |
| CVE-2020-14213 | In Zammad before 3.3.1, a Customer has ticket access that should only be available to an Agent (e.g.... | S | |
| CVE-2020-14214 | Zammad before 3.3.1, when Domain Based Assignment is enabled, relies on a claimed e-mail address for... | S | |
| CVE-2020-14215 | Zulip Server before 2.1.5 has Incorrect Access Control because 0198_preregistrationuser_invited_as a... | | |
| CVE-2020-14221 | HCL Digital Experience 8.5, 9.0, and 9.5 exposes information about the server to unauthorized users.... | | |
| CVE-2020-14222 | HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting (XSS). One subcomponent ... | | |
| CVE-2020-14223 | HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross-site scripting (XSS). The vulnerability... | S | |
| CVE-2020-14224 | A vulnerability in the MIME message handling of the HCL Notes v9 client could potentially be exploit... | S | |
| CVE-2020-14225 | HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message c... | | |
| CVE-2020-14230 | HCL Domino is susceptible to a Denial of Service vulnerability caused by improper validation of user... | S | |
| CVE-2020-14231 | A vulnerability in the input parameter handling of HCL Client Application Access v9 could potentiall... | | |
| CVE-2020-14232 | A vulnerability in the input parameter handling of HCL Notes v9 could potentially be exploited by an... | | |
| CVE-2020-14234 | HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-su... | S | |
| CVE-2020-14240 | HCL Notes versions previous to releases 9.0.1 FP10 IF8, 10.0.1 FP6 and 11.0.1 FP1 is susceptible to ... | | |
| CVE-2020-14244 | A vulnerability in the MIME message handling of the Domino server (versions 9 and 10) could potentia... | S | |
| CVE-2020-14245 | HCL OneTest UI V9.5, V10.0, and V10.1 does not perform authentication for functionality that either ... | | |
| CVE-2020-14246 | HCL OneTest Performance V9.5, V10.0, V10.1 uses basic authentication which is relatively weak. An at... | | |
| CVE-2020-14247 | HCL OneTest Performance V9.5, V10.0, V10.1 contains an inadequate session timeout, which could allow... | | |
| CVE-2020-14248 | BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https sessi... | M | |
| CVE-2020-14254 | TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. If TLS 2.0 and secure ... | S | |
| CVE-2020-14255 | HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to un... | | |
| CVE-2020-14258 | HCL Notes is susceptible to a Denial of Service vulnerability caused by improper validation of user-... | S | |
| CVE-2020-14260 | HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of us... | | |
| CVE-2020-14263 | "HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the inc... | | |
| CVE-2020-14264 | "HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the inc... | | |
| CVE-2020-14268 | A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potential... | S | |
| CVE-2020-14270 | HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to i... | S | |
| CVE-2020-14271 | HCL iNotes v9, v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due t... | | |
| CVE-2020-14273 | HCL Domino is susceptible to a Denial of Service (DoS) vulnerability due to insufficient validation ... | E | |
| CVE-2020-14274 | Information disclosure vulnerability in HCL Commerce 9.0.1.9 through 9.0.1.14 and 9.1 through 9.1.4 ... | | |
| CVE-2020-14275 | Security vulnerability in HCL Commerce 9.0.0.5 through 9.0.0.13, 9.0.1.0 through 9.0.1.14 and 9.1 th... | | |
| CVE-2020-14292 | In the COVIDSafe application through 1.0.21 for Android, unsafe use of the Bluetooth transport optio... | E | |
| CVE-2020-14293 | conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via... | E | |
| CVE-2020-14294 | An issue was discovered in Secudos Qiata FTA 1.70.19. The comment feature allows persistent XSS that... | E | |
| CVE-2020-14295 | A SQL injection issue in color.php in Cacti 1.2.12 allows an admin to inject SQL via the filter para... | E | |
| CVE-2020-14296 | Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw. With the acc... | | |
| CVE-2020-14297 | A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specif... | | |
| CVE-2020-14298 | The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory ... | S | |
| CVE-2020-14299 | A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy Secur... | | |
| CVE-2020-14300 | The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linu... | | |
| CVE-2020-14301 | An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies ... | S | |
| CVE-2020-14302 | A flaw was found in Keycloak before 13.0.0 where an external identity provider, after successful aut... | | |
| CVE-2020-14303 | A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and be... | | |
| CVE-2020-14304 | A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data f... | | |
| CVE-2020-14305 | An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connectio... | E S | |
| CVE-2020-14306 | An incorrect access control flaw was found in the operator, openshift-service-mesh/istio-rhel8-opera... | S | |
| CVE-2020-14307 | A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBo... | | |
| CVE-2020-14308 | In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overfl... | | |
| CVE-2020-14309 | There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containin... | | |
| CVE-2020-14310 | There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a fo... | | |
| CVE-2020-14311 | There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesy... | | |
| CVE-2020-14312 | A flaw was found in the default configuration of dnsmasq, as shipped with Fedora versions prior to 3... | | |
| CVE-2020-14313 | An information disclosure vulnerability was found in Red Hat Quay in versions before 3.3.1. This fla... | | |
| CVE-2020-14314 | A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 fil... | S | |
| CVE-2020-14315 | A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools ... | E | |
| CVE-2020-14316 | A flaw was found in kubevirt 0.29 and earlier. Virtual Machine Instances (VMIs) can be used to gain ... | S | |
| CVE-2020-14317 | It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of J... | | |
| CVE-2020-14318 | A flaw was found in the way samba handled file and directory permissions. An authenticated user coul... | S | |
| CVE-2020-14319 | It was found that the AMQ Online console is vulnerable to a Cross-Site Request Forgery (CSRF) which ... | | |
| CVE-2020-14320 | In Moodle before 3.9.1, 3.8.4 and 3.7.7, the filter in the admin task log required extra sanitizing ... | S | |
| CVE-2020-14321 | In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves... | S | |
| CVE-2020-14322 | In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, yui_combo needed to limit the amount of files it ca... | S | |
| CVE-2020-14323 | A null pointer dereference flaw was found in samba's Winbind service in versions before 4.11.15, bef... | | |
| CVE-2020-14324 | A high severity vulnerability was found in all active versions of Red Hat CloudForms before 5.11.7.0... | | |
| CVE-2020-14325 | Red Hat CloudForms before 5.11.7.0 was vulnerable to the User Impersonation authorization flaw which... | M | |
| CVE-2020-14326 | A vulnerability was found in RESTEasy, where RootNode incorrectly caches routes. This issue results ... | | |
| CVE-2020-14327 | A Server-side request forgery (SSRF) flaw was found in Ansible Tower in versions before 3.6.5 and be... | | |
| CVE-2020-14328 | A flaw was found in Ansible Tower in versions before 3.7.2. A Server Side Request Forgery flaw can b... | | |
| CVE-2020-14329 | A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data can b... | | |
| CVE-2020-14330 | An Improper Output Neutralization for Logs flaw was found in Ansible when using the uri module, wher... | E | |
| CVE-2020-14331 | A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when ... | E S | |
| CVE-2020-14332 | A flaw was found in the Ansible Engine when using module_args. Tasks executed with check mode (--che... | S | |
| CVE-2020-14333 | A flaw was found in Ovirt Engine's web interface in ovirt 4.4 and earlier, where it did not filter u... | | |
| CVE-2020-14334 | A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. These ... | | |
| CVE-2020-14335 | A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets thro... | | |
| CVE-2020-14336 | A flaw was found in the Restricted Security Context Constraints (SCC), where it allows pods to craft... | M | |
| CVE-2020-14337 | A data exposure flaw was found in Tower, where sensitive data was revealed from the HTTP return erro... | | |
| CVE-2020-14338 | A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidat... | | |
| CVE-2020-14339 | A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QE... | S | |
| CVE-2020-14340 | A vulnerability was discovered in XNIO where file descriptor leak caused by growing amounts of NIO S... | S | |
| CVE-2020-14341 | The "Test Connection" available in v7.x of the Red Hat Single Sign On application console can permit... | | |
| CVE-2020-14342 | It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password, wh... | E S | |
| CVE-2020-14343 | A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible... | S | |
| CVE-2020-14344 | An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client w... | S | |
| CVE-2020-14345 | A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNam... | | |
| CVE-2020-14346 | A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension pro... | S | |
| CVE-2020-14347 | A flaw was found in the way xserver memory was not properly initialized. This could leak parts of se... | S | |
| CVE-2020-14348 | It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user's AddressSpace con... | | |
| CVE-2020-14349 | It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly san... | | |
| CVE-2020-14350 | It was found that some PostgreSQL extensions did not use search_path safely in their installation sc... | | |
| CVE-2020-14351 | A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem a... | S | |
| CVE-2020-14352 | A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found... | S | |
| CVE-2020-14353 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2017-18270. Reason: This candidat... | R | |
| CVE-2020-14354 | A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called p... | E S | |
| CVE-2020-14355 | Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE ... | S | |
| CVE-2020-14356 | A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was... | E S | |
| CVE-2020-14357 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-14358 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-14359 | A vulnerability was found in all versions of Keycloak Gatekeeper, where on using lower case HTTP hea... | | |
| CVE-2020-14360 | A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMa... | S | |
| CVE-2020-14361 | A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap... | S | |
| CVE-2020-14362 | A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap... | S | |
| CVE-2020-14363 | An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a l... | E | |
| CVE-2020-14364 | An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before... | S | |
| CVE-2020-14365 | A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9... | | |
| CVE-2020-14366 | A vulnerability was found in keycloak, where path traversal using URL-encoded path segments in the r... | | |
| CVE-2020-14367 | A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chron... | S | |
| CVE-2020-14368 | A flaw was found in Eclipse Che in versions prior to 7.14.0 that impacts CodeReady Workspaces. When ... | | |
| CVE-2020-14369 | This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which ... | | |
| CVE-2020-14370 | An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. Whe... | S | |
| CVE-2020-14371 | A credential leak vulnerability was found in Red Hat Satellite. This flaw exposes the compute resour... | | |
| CVE-2020-14372 | A flaw was found in grub2 in versions prior to 2.06, where it incorrectly enables the usage of the A... | S | |
| CVE-2020-14373 | A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25. A local attac... | E S | |
| CVE-2020-14374 | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in... | S | |
| CVE-2020-14375 | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, an... | S | |
| CVE-2020-14376 | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking w... | S | |
| CVE-2020-14377 | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A complete lack of validati... | S | |
| CVE-2020-14378 | An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function... | S | |
| CVE-2020-14379 | A flaw was found in Red Hat AMQ Broker in a way that a XEE attack can be done via Broker's configura... | | |
| CVE-2020-14380 | An account takeover flaw was found in Red Hat Satellite 6.7.2 onward. A potential attacker with prop... | | |
| CVE-2020-14381 | A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to co... | S | |
| CVE-2020-14382 | A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format ... | S | |
| CVE-2020-14383 | A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server ... | S | |
| CVE-2020-14384 | A flaw was found in JBossWeb in versions before 7.5.31.Final-redhat-3. The fix for CVE-2020-13935 wa... | | |
| CVE-2020-14385 | A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator... | S | |
| CVE-2020-14386 | A flaw was found in the Linux kernel before 5.9-rc4. Memory corruption can be exploited to gain root... | S | |
| CVE-2020-14387 | A flaw was found in rsync in versions since 3.2.0pre1. Rsync improperly validates certificate with h... | S | |
| CVE-2020-14388 | A flaw was found in the Red Hat 3scale API Management Platform, where member permissions for an API'... | | |
| CVE-2020-14389 | It was found that Keycloak before version 12.0.0 would permit a user with only view-profile role to ... | | |
| CVE-2020-14390 | A flaw was found in the Linux kernel in versions before 5.9-rc6. When changing screen size, an out-o... | | |
| CVE-2020-14391 | A flaw was found in the GNOME Control Center in Red Hat Enterprise Linux 8 versions prior to 8.2, wh... | | |
| CVE-2020-14392 | An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to... | | |
| CVE-2020-14393 | A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a ... | S | |
| CVE-2020-14394 | An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the len... | E S | |
| CVE-2020-14395 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-14396 | An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer... | S | |
| CVE-2020-14397 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer d... | S | |
| CVE-2020-14398 | An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an... | S | |
| CVE-2020-14399 | An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_... | S | |
| CVE-2020-14400 | An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_... | S | |
| CVE-2020-14401 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value intege... | S | |
| CVE-2020-14402 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds acc... | S | |
| CVE-2020-14403 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds a... | S | |
| CVE-2020-14404 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds acces... | S | |
| CVE-2020-14405 | An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextCh... | S | |
| CVE-2020-14408 | An issue was discovered in Agentejo Cockpit 0.10.2. Insufficient sanitization of the to parameter in... | E | |
| CVE-2020-14409 | SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap... | S | |
| CVE-2020-14410 | SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4... | S | |
| CVE-2020-14412 | NeDi 1.9C is vulnerable to Remote Command Execution. System-Snapshot.php improperly escapes shell me... | | |
| CVE-2020-14413 | NeDi 1.9C is vulnerable to XSS because of an incorrect implementation of sanitize() in inc/libmisc.p... | | |
| CVE-2020-14414 | NeDi 1.9C is vulnerable to Remote Command Execution. pwsec.php improperly escapes shell metacharacte... | | |
| CVE-2020-14415 | oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.... | S | |
| CVE-2020-14416 | In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan... | S | |
| CVE-2020-14418 | A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevat... | E | |
| CVE-2020-14421 | aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via the Script... | E | |
| CVE-2020-14422 | Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IP... | | |
| CVE-2020-14423 | Convos before 4.20 does not properly generate a random secret in Core/Settings.pm and Util.pm. This ... | S | |
| CVE-2020-14424 | Cacti before 1.2.18 allows remote attackers to trigger XSS via template import for the midwinter the... | S | |
| CVE-2020-14425 | Foxit Reader before 10.0 allows Remote Command Execution via the app.opencPDFWebPage JavsScript API.... | E | |
| CVE-2020-14426 | Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK75... | | |
| CVE-2020-14427 | Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK75... | | |
| CVE-2020-14428 | Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK75... | | |
| CVE-2020-14429 | Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects MK62 ... | | |
| CVE-2020-14430 | Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK75... | | |
| CVE-2020-14431 | Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects RBK75... | | |
| CVE-2020-14432 | Certain NETGEAR devices are affected by CSRF. This affects RBK752 before 3.2.15.25, RBK753 before 3.... | | |
| CVE-2020-14433 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2020-14434 | Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK... | | |
| CVE-2020-14435 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2020-14436 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2020-14437 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2020-14438 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2020-14439 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2020-14440 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2020-14441 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2020-14442 | Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affec... | | |
| CVE-2020-14443 | A SQL injection vulnerability in accountancy/customer/card.php in Dolibarr 11.0.3 allows remote auth... | S | |
| CVE-2020-14444 | An issue was discovered in WSO2 Identity Server through 5.9.0 and WSO2 IS as Key Manager through 5.9... | E | |
| CVE-2020-14445 | An issue was discovered in WSO2 Identity Server through 5.9.0 and WSO2 IS as Key Manager through 5.9... | E | |
| CVE-2020-14446 | An issue was discovered in WSO2 Identity Server through 5.10.0 and WSO2 IS as Key Manager through 5.... | E | |
| CVE-2020-14447 | An issue was discovered in Mattermost Server before 5.23.0. Large webhook requests allow attackers t... | | |
| CVE-2020-14448 | An issue was discovered in Mattermost Server before 5.23.0. Automatic direct message replies allow a... | | |
| CVE-2020-14449 | An issue was discovered in Mattermost Mobile Apps before 1.30.0. Authorization tokens can sometimes ... | | |
| CVE-2020-14450 | An issue was discovered in Mattermost Server before 5.22.0. The markdown renderer allows attackers t... | | |
| CVE-2020-14451 | An issue was discovered in Mattermost Mobile Apps before 1.29.0. The iOS app allowed Single Sign-On ... | | |
| CVE-2020-14452 | An issue was discovered in Mattermost Server before 5.21.0. mmctl allows directory traversal via HTT... | | |
| CVE-2020-14453 | An issue was discovered in Mattermost Server before 5.21.0. Socket read operations are not appropria... | | |
| CVE-2020-14454 | An issue was discovered in Mattermost Desktop App before 4.4.0. Attackers can open web pages in the ... | | |
| CVE-2020-14455 | An issue was discovered in Mattermost Desktop App before 4.4.0. Prompting for HTTP Basic Authenticat... | | |
| CVE-2020-14456 | An issue was discovered in Mattermost Desktop App before 4.4.0. The Same Origin Policy is mishandled... | | |
| CVE-2020-14457 | An issue was discovered in Mattermost Server before 5.20.0. Non-members can receive broadcasted team... | | |
| CVE-2020-14458 | An issue was discovered in Mattermost Server before 5.19.0. Attackers can discover private channels ... | | |
| CVE-2020-14459 | An issue was discovered in Mattermost Server before 5.19.0. Attackers can rename a channel and cause... | | |
| CVE-2020-14460 | An issue was discovered in Mattermost Server before 5.19.0, 5.18.1, 5.17.3, 5.16.5, and 5.9.8. Creat... | | |
| CVE-2020-14461 | Zyxel Armor X1 WAP6806 1.00(ABAL.6)C0 devices allow Directory Traversal via the images/eaZy/ URI.... | E | |
| CVE-2020-14462 | CALDERA 2.7.0 allows XSS via the Operation Name box.... | E | |
| CVE-2020-14467 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-14470 | In Octopus Deploy 2018.8.0 through 2019.x before 2019.12.2, an authenticated user with could trigger... | | |
| CVE-2020-14472 | On Draytek Vigor3900, Vigor2960, and Vigor 300B devices before 1.5.1.1, there are some command-injec... | E | |
| CVE-2020-14473 | Stack-based buffer overflow vulnerability in Vigor3900, Vigor2960, and Vigor300B with firmware befor... | E | |
| CVE-2020-14474 | The Cellebrite UFED physical device 5.0 through 7.5.0.845 relies on key material hardcoded within bo... | E | |
| CVE-2020-14475 | A reflected cross-site scripting (XSS) vulnerability in Dolibarr 11.0.3 allows remote attackers to i... | S | |
| CVE-2020-14476 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-14477 | Philips Ultrasound Systems Authentication Bypass Using an Alternate Path or Channel | S | |
| CVE-2020-14478 | IMPROPER RESTRICTION OF XML EXTERNAL ENTITY REFERENCE CWE-611 | M | |
| CVE-2020-14479 | ICSA-20-147-01 Inductive Automation Ignition (Update B) | S | |
| CVE-2020-14480 | Due to usernames/passwords being stored in plaintext in Random Access Memory (RAM), a local, authent... | M | |
| CVE-2020-14481 | The DeskLock tool provided with FactoryTalk View SE uses a weak encryption algorithm that may allow ... | M | |
| CVE-2020-14482 | Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Opening a specially crafted proje... | | |
| CVE-2020-14483 | A timeout during a TLS handshake can result in the connection failing to terminate. This can result ... | | |
| CVE-2020-14484 | OpenClinic GA versions 5.09.02 and 5.89.05b may allow an attacker to bypass the system’s account loc... | | |
| CVE-2020-14485 | OpenClinic GA versions 5.09.02 and 5.89.05b may allow an attacker to bypass client-side access contr... | | |
| CVE-2020-14486 | OpenClinic GA | M | |
| CVE-2020-14487 | OpenClinic GA | S | |
| CVE-2020-14488 | OpenClinic GA | M | |
| CVE-2020-14489 | OpenClinic GA | M | |
| CVE-2020-14490 | OpenClinic GA | M | |
| CVE-2020-14491 | OpenClinic GA versions 5.09.02 and 5.89.05b do not properly check permissions before executing SQL q... | | |
| CVE-2020-14492 | OpenClinic GA | M | |
| CVE-2020-14493 | OpenClinic GA | M | |
| CVE-2020-14494 | OpenClinic GA versions 5.09.02 and 5.89.05b contain an authentication mechanism within the system th... | | |
| CVE-2020-14495 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-14496 | Mitsubishi Electric Multiple Factory Automation Engineering Software Products (Update A) - Permission Issues | | |
| CVE-2020-14497 | Advantech iView, versions 5.6 and prior, contains multiple SQL injection vulnerabilities that are vu... | | |
| CVE-2020-14498 | HMS Industrial Networks AB eCatcher Stack-based Buffer Overflow | S | |
| CVE-2020-14499 | Advantech iView, versions 5.6 and prior, has an improper access control vulnerability. Successful ex... | | |
| CVE-2020-14500 | IMPROPER NEUTRALIZATION OF NULL BYTE OR NUL CHARACTER CWE-158 | | |
| CVE-2020-14501 | Advantech iView, versions 5.6 and prior, has an improper authentication for critical function (CWE-3... | | |
| CVE-2020-14502 | The web interface of the 1734-AENTR communication module is vulnerable to stored XSS. A remote, unau... | M | |
| CVE-2020-14503 | Advantech iView, versions 5.6 and prior, has an improper input validation vulnerability. Successful ... | | |
| CVE-2020-14504 | The web interface of the 1734-AENTR communication module mishandles authentication for HTTP POST req... | M | |
| CVE-2020-14505 | Advantech iView, versions 5.6 and prior, has an improper neutralization of special elements used in ... | | |
| CVE-2020-14506 | Philips Clinical Collaboration Platform Cross-site Request Forgery | S | |
| CVE-2020-14507 | Advantech iView, versions 5.6 and prior, is vulnerable to multiple path traversal vulnerabilities th... | | |
| CVE-2020-14508 | OFF-BY-ONE ERROR CWE-193 | | |
| CVE-2020-14509 | Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7.10) where the... | | |
| CVE-2020-14510 | OFF-BY-ONE ERROR CWE-193 | | |
| CVE-2020-14511 | Malicious operation of the crafted web browser cookie may cause a stack-based buffer overflow in the... | | |
| CVE-2020-14512 | USE OF PASSWORD HASH WITH INSUFFICIENT COMPUTATIONAL EFFORT CWE-916 | | |
| CVE-2020-14513 | CodeMeter (All versions prior to 6.81) and the software using it may crash while processing a specif... | | |
| CVE-2020-14514 | Trailer Power Line Communications vulnerability | | |
| CVE-2020-14515 | CodeMeter (All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Co... | | |
| CVE-2020-14516 | In Rockwell Automation FactoryTalk Services Platform Versions 6.10.00 and 6.11.00, there is an issue... | | |
| CVE-2020-14517 | Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected, inc... | | |
| CVE-2020-14518 | Philips DreamMapper Insertion of Sensitive Information into Log File | S | |
| CVE-2020-14519 | This vulnerability allows an attacker to use the internal WebSockets API for CodeMeter (All versions... | | |
| CVE-2020-14520 | The affected product is vulnerable to an information leak, which may allow an attacker to obtain sen... | | |
| CVE-2020-14521 | Mitsubishi Electric Factory Automation Engineering Products Unquoted Search Path or Element | | |
| CVE-2020-14522 | Softing Industrial Automation OPC | | |
| CVE-2020-14523 | Mitsubishi Electric Factory Automation Products Path Traversal | S | |
| CVE-2020-14524 | Softing Industrial Automation OPC | | |
| CVE-2020-14525 | Philips Clinical Collaboration Platform Improper Neutralization of Script in Attributes in a Web Page | S | |
| CVE-2020-14527 | Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (... | | |
| CVE-2020-14528 | Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (... | | |
| CVE-2020-14529 | Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (... | | |
| CVE-2020-14530 | Vulnerability in the Oracle Security Service product of Oracle Fusion Middleware (component: None). ... | | |
| CVE-2020-14531 | Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: SWSE Server). Supp... | | |
| CVE-2020-14532 | Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Applicat... | | |
| CVE-2020-14533 | Vulnerability in the Oracle Commerce Platform product of Oracle Commerce (component: Dynamo Applicat... | | |
| CVE-2020-14534 | Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Po... | | |
| CVE-2020-14535 | Vulnerability in the Oracle Commerce Service Center product of Oracle Commerce (component: Commerce ... | | |
| CVE-2020-14536 | Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of O... | | |
| CVE-2020-14537 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Packaging Scripts). The su... | | |
| CVE-2020-14539 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | | |
| CVE-2020-14540 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versio... | | |
| CVE-2020-14541 | Vulnerability in the Hyperion Financial Close Management product of Oracle Hyperion (component: Clos... | | |
| CVE-2020-14542 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: libsuri). The supported ve... | | |
| CVE-2020-14543 | Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage ... | | |
| CVE-2020-14544 | Vulnerability in the Oracle Transportation Management product of Oracle Supply Chain (component: Dat... | | |
| CVE-2020-14545 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Device Driver Utility). Th... | | |
| CVE-2020-14546 | Vulnerability in the Hyperion Financial Close Management product of Oracle Hyperion (component: Clos... | | |
| CVE-2020-14547 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | | |
| CVE-2020-14548 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middle... | | |
| CVE-2020-14549 | Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (... | | |
| CVE-2020-14550 | Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions tha... | | |
| CVE-2020-14551 | Vulnerability in the Oracle AutoVue product of Oracle Supply Chain (component: Security). The suppor... | S | |
| CVE-2020-14552 | Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Securit... | S | |
| CVE-2020-14553 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Suppo... | S | |
| CVE-2020-14554 | Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component... | S | |
| CVE-2020-14555 | Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Admin... | S | |
| CVE-2020-14556 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Sup... | S | |
| CVE-2020-14557 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Cont... | S | |
| CVE-2020-14558 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Port... | S | |
| CVE-2020-14559 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). S... | S | |
| CVE-2020-14560 | Vulnerability in the Oracle Hyperion BI+ product of Oracle Hyperion (component: UI and Visualization... | S | |
| CVE-2020-14561 | Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage ... | S | |
| CVE-2020-14562 | Vulnerability in the Java SE product of Oracle Java SE (component: ImageIO). Supported versions that... | S | |
| CVE-2020-14563 | Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applic... | S | |
| CVE-2020-14564 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Envi... | S | |
| CVE-2020-14565 | Vulnerability in the Oracle Unified Directory product of Oracle Fusion Middleware (component: Securi... | S | |
| CVE-2020-14566 | Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering (... | S | |
| CVE-2020-14567 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supporte... | S | |
| CVE-2020-14568 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th... | S | |
| CVE-2020-14569 | Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applica... | S | |
| CVE-2020-14570 | Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Serv... | S | |
| CVE-2020-14571 | Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Serv... | S | |
| CVE-2020-14572 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console)... | S | |
| CVE-2020-14573 | Vulnerability in the Java SE product of Oracle Java SE (component: Hotspot). Supported versions that... | S | |
| CVE-2020-14574 | Vulnerability in the Oracle Communications Interactive Session Recorder product of Oracle Communicat... | S | |
| CVE-2020-14575 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versio... | S | |
| CVE-2020-14576 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: UDF). Supported versio... | S | |
| CVE-2020-14577 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supporte... | S | |
| CVE-2020-14578 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Sup... | S | |
| CVE-2020-14579 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Sup... | S | |
| CVE-2020-14580 | Vulnerability in the Oracle Communications Session Border Controller product of Oracle Communication... | S | |
| CVE-2020-14581 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported ... | S | |
| CVE-2020-14582 | Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: User Registration)... | S | |
| CVE-2020-14583 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Sup... | S | |
| CVE-2020-14584 | Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publishe... | S | |
| CVE-2020-14585 | Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Serv... | S | |
| CVE-2020-14586 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).... | S | |
| CVE-2020-14587 | Vulnerability in the PeopleSoft Enterprise FIN Expenses product of Oracle PeopleSoft (component: Exp... | S | |
| CVE-2020-14588 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Cont... | S | |
| CVE-2020-14589 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Cont... | S | |
| CVE-2020-14590 | Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Pa... | S | |
| CVE-2020-14591 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plug-in). Suppor... | S | |
| CVE-2020-14592 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Rich... | S | |
| CVE-2020-14593 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported ... | S | |
| CVE-2020-14594 | Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage ... | S | |
| CVE-2020-14595 | Vulnerability in the Oracle iLearning product of Oracle iLearning (component: Assessment Manager). S... | S | |
| CVE-2020-14596 | Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Address Book). Sup... | S | |
| CVE-2020-14597 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | S | |
| CVE-2020-14598 | Vulnerability in the Oracle CRM Gateway for Mobile Devices product of Oracle E-Business Suite (compo... | S | |
| CVE-2020-14599 | Vulnerability in the Oracle CRM Gateway for Mobile Devices product of Oracle E-Business Suite (compo... | S | |
| CVE-2020-14600 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Port... | S | |
| CVE-2020-14601 | Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Ora... | S | |
| CVE-2020-14602 | Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Ora... | S | |
| CVE-2020-14603 | Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Ora... | S | |
| CVE-2020-14604 | Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Ora... | S | |
| CVE-2020-14605 | Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Ora... | S | |
| CVE-2020-14606 | Vulnerability in the Oracle SD-WAN Edge product of Oracle Communications Applications (component: Us... | S | |
| CVE-2020-14607 | Vulnerability in the Oracle Fusion Middleware MapViewer product of Oracle Fusion Middleware (compone... | S | |
| CVE-2020-14608 | Vulnerability in the Oracle Fusion Middleware MapViewer product of Oracle Fusion Middleware (compone... | S | |
| CVE-2020-14609 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middle... | S | |
| CVE-2020-14610 | Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: At... | S | |
| CVE-2020-14611 | Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Compose... | S | |
| CVE-2020-14612 | Vulnerability in the PeopleSoft Enterprise HRMS product of Oracle PeopleSoft (component: Time and La... | S | |
| CVE-2020-14613 | Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced... | S | |
| CVE-2020-14614 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | S | |
| CVE-2020-14615 | Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Ora... | S | |
| CVE-2020-14616 | Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage ... | S | |
| CVE-2020-14617 | Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Pl... | S | |
| CVE-2020-14618 | Vulnerability in the Primavera Unifier product of Oracle Construction and Engineering (component: Mo... | S | |
| CVE-2020-14619 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported ver... | S | |
| CVE-2020-14620 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versio... | S | |
| CVE-2020-14621 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supporte... | | |
| CVE-2020-14622 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S... | | |
| CVE-2020-14623 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th... | | |
| CVE-2020-14624 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: JSON). Supported versi... | | |
| CVE-2020-14625 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S... | | |
| CVE-2020-14626 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middle... | | |
| CVE-2020-14627 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Quer... | | |
| CVE-2020-14628 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14629 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14630 | Vulnerability in the Oracle Enterprise Session Border Controller product of Oracle Communications Ap... | | |
| CVE-2020-14631 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Audit). Supp... | | |
| CVE-2020-14632 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported ve... | | |
| CVE-2020-14633 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th... | | |
| CVE-2020-14634 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th... | S | |
| CVE-2020-14635 | Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component... | | |
| CVE-2020-14636 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample a... | | |
| CVE-2020-14637 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample a... | | |
| CVE-2020-14638 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample a... | | |
| CVE-2020-14639 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample a... | | |
| CVE-2020-14640 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample a... | | |
| CVE-2020-14641 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supp... | S | |
| CVE-2020-14642 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: CacheStore). S... | | |
| CVE-2020-14643 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supp... | | |
| CVE-2020-14644 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S... | KEV | |
| CVE-2020-14645 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S... | | |
| CVE-2020-14646 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14647 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14648 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14649 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14650 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14651 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supp... | | |
| CVE-2020-14652 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S... | | |
| CVE-2020-14653 | Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construc... | | |
| CVE-2020-14654 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | | |
| CVE-2020-14655 | Vulnerability in the Oracle Security Service product of Oracle Fusion Middleware (component: SSL API... | | |
| CVE-2020-14656 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported ve... | | |
| CVE-2020-14657 | Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: ... | | |
| CVE-2020-14658 | Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Admin... | | |
| CVE-2020-14659 | Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: ... | | |
| CVE-2020-14660 | Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: ... | | |
| CVE-2020-14661 | Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: ... | | |
| CVE-2020-14662 | Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Ora... | | |
| CVE-2020-14663 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).... | | |
| CVE-2020-14664 | Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX). The supported version th... | | |
| CVE-2020-14665 | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: Invoice)... | | |
| CVE-2020-14666 | Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Disp... | | |
| CVE-2020-14667 | Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: ... | | |
| CVE-2020-14668 | Vulnerability in the Oracle E-Business Intelligence product of Oracle E-Business Suite (component: D... | | |
| CVE-2020-14669 | Vulnerability in the Oracle Configurator product of Oracle Supply Chain (component: UI Servlet). Sup... | | |
| CVE-2020-14670 | Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (componen... | | |
| CVE-2020-14671 | Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (componen... | | |
| CVE-2020-14672 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Stored Procedure). Sup... | S | |
| CVE-2020-14673 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14674 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | S | |
| CVE-2020-14675 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14676 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14677 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14678 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).... | | |
| CVE-2020-14679 | Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: ... | | |
| CVE-2020-14680 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | | |
| CVE-2020-14681 | Vulnerability in the Oracle E-Business Intelligence product of Oracle E-Business Suite (component: D... | | |
| CVE-2020-14682 | Vulnerability in the Oracle Depot Repair product of Oracle E-Business Suite (component: Estimate and... | | |
| CVE-2020-14684 | Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Ora... | | |
| CVE-2020-14685 | Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Ora... | | |
| CVE-2020-14686 | Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Others). Support... | | |
| CVE-2020-14687 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S... | | |
| CVE-2020-14688 | Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM U... | | |
| CVE-2020-14690 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middle... | | |
| CVE-2020-14691 | Vulnerability in the Oracle Financial Services Liquidity Risk Management product of Oracle Financial... | | |
| CVE-2020-14692 | Vulnerability in the Oracle Financial Services Loan Loss Forecasting and Provisioning product of Ora... | | |
| CVE-2020-14693 | Vulnerability in the Oracle Insurance Accounting Analyzer product of Oracle Financial Services Appli... | | |
| CVE-2020-14694 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14695 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14696 | Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Layout Temp... | | |
| CVE-2020-14697 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).... | | |
| CVE-2020-14698 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14699 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14700 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14701 | Vulnerability in the Oracle SD-WAN Aware product of Oracle Communications Applications (component: U... | | |
| CVE-2020-14702 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).... | | |
| CVE-2020-14703 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14704 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14705 | Vulnerability in the Oracle GoldenGate product of Oracle GoldenGate (component: Process Management).... | | |
| CVE-2020-14706 | Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construc... | | |
| CVE-2020-14707 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14708 | Vulnerability in the Customer Management and Segmentation Foundation product of Oracle Retail Applic... | | |
| CVE-2020-14709 | Vulnerability in the Customer Management and Segmentation Foundation product of Oracle Retail Applic... | | |
| CVE-2020-14710 | Vulnerability in the Customer Management and Segmentation Foundation product of Oracle Retail Applic... | | |
| CVE-2020-14711 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14712 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14713 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14714 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14715 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Suppor... | | |
| CVE-2020-14716 | Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM U... | | |
| CVE-2020-14717 | Vulnerability in the Oracle Common Applications product of Oracle E-Business Suite (component: CRM U... | | |
| CVE-2020-14718 | Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: JVMCI).... | | |
| CVE-2020-14719 | Vulnerability in the Oracle Internet Expenses product of Oracle E-Business Suite (component: Mobile ... | | |
| CVE-2020-14720 | Vulnerability in the Oracle Internet Expenses product of Oracle E-Business Suite (component: Mobile ... | | |
| CVE-2020-14721 | Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applic... | | |
| CVE-2020-14722 | Vulnerability in the Oracle Enterprise Communications Broker product of Oracle Communications Applic... | | |
| CVE-2020-14723 | Vulnerability in the Oracle Help Technologies product of Oracle Fusion Middleware (component: Web UI... | E | |
| CVE-2020-14724 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Device Driver Utility). Th... | | |
| CVE-2020-14725 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | S | |
| CVE-2020-14728 | Vulnerability in the SuiteCommerce Advanced (SCA) component of Oracle NetSuite service. Supported ve... | | |
| CVE-2020-14729 | Vulnerability in SuiteCommerce Advanced (SCA) Sites component of Oracle NetSuite service. Supported ... | | |
| CVE-2020-14731 | Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle... | S | |
| CVE-2020-14732 | Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle... | S | |
| CVE-2020-14734 | Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are af... | S | |
| CVE-2020-14735 | Vulnerability in the Scheduler component of Oracle Database Server. Supported versions that are affe... | S | |
| CVE-2020-14736 | Vulnerability in the Database Vault component of Oracle Database Server. Supported versions that are... | S | |
| CVE-2020-14740 | Vulnerability in the SQL Developer Install component of Oracle Database Server. Supported versions t... | S | |
| CVE-2020-14741 | Vulnerability in the Database Filesystem component of Oracle Database Server. Supported versions tha... | S | |
| CVE-2020-14742 | Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are aff... | S | |
| CVE-2020-14743 | Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affect... | S | |
| CVE-2020-14744 | Vulnerability in the Oracle REST Data Services product of Oracle REST Data Services (component: Gene... | S | |
| CVE-2020-14745 | Vulnerability in the Oracle REST Data Services product of Oracle REST Data Services (component: Gene... | S | |
| CVE-2020-14746 | Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Po... | S | |
| CVE-2020-14750 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console)... | KEV S | |
| CVE-2020-14752 | Vulnerability in the Hyperion Lifecycle Management product of Oracle Hyperion (component: Shared Ser... | S | |
| CVE-2020-14753 | Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage ... | S | |
| CVE-2020-14754 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported... | S | |
| CVE-2020-14756 | Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core Component... | S | |
| CVE-2020-14757 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Serv... | S | |
| CVE-2020-14758 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported ver... | S | |
| CVE-2020-14759 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported ver... | S | |
| CVE-2020-14760 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | S | |
| CVE-2020-14761 | Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: Orac... | S | |
| CVE-2020-14762 | Vulnerability in the Oracle Application Express component of Oracle Database Server. The supported v... | S | |
| CVE-2020-14763 | Vulnerability in the Oracle Application Express Quick Poll component of Oracle Database Server. The ... | | |
| CVE-2020-14764 | Vulnerability in the Hyperion Planning product of Oracle Hyperion (component: Application Developmen... | | |
| CVE-2020-14765 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versio... | | |
| CVE-2020-14766 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middle... | S | |
| CVE-2020-14767 | Vulnerability in the Hyperion BI+ product of Oracle Hyperion (component: IQR-Foundation service). Th... | | |
| CVE-2020-14768 | Vulnerability in the Hyperion Analytic Provider Services product of Oracle Hyperion (component: Smar... | S | |
| CVE-2020-14769 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | S | |
| CVE-2020-14770 | Vulnerability in the Hyperion BI+ product of Oracle Hyperion (component: IQR-Foundation service). Th... | S | |
| CVE-2020-14771 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). ... | S | |
| CVE-2020-14772 | Vulnerability in the Hyperion Lifecycle Management product of Oracle Hyperion (component: Shared Ser... | S | |
| CVE-2020-14773 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | S | |
| CVE-2020-14774 | Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: ... | S | |
| CVE-2020-14775 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th... | S | |
| CVE-2020-14776 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th... | S | |
| CVE-2020-14777 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | S | |
| CVE-2020-14778 | Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core product of Oracle PeopleSoft (com... | S | |
| CVE-2020-14779 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization).... | | |
| CVE-2020-14780 | Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Secur... | S | |
| CVE-2020-14781 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JNDI). Supporte... | | |
| CVE-2020-14782 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Sup... | | |
| CVE-2020-14783 | Vulnerability in the Oracle Hospitality RES 3700 product of Oracle Food and Beverage Applications (c... | S | |
| CVE-2020-14784 | Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Serv... | S | |
| CVE-2020-14785 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | S | |
| CVE-2020-14786 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported version... | S | |
| CVE-2020-14787 | Vulnerability in the Oracle Communications Diameter Signaling Router (DSR) product of Oracle Communi... | S | |
| CVE-2020-14788 | Vulnerability in the Oracle Communications Diameter Signaling Router (DSR) product of Oracle Communi... | S | |
| CVE-2020-14789 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versio... | S | |
| CVE-2020-14790 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported version... | S | |
| CVE-2020-14791 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th... | S | |
| CVE-2020-14792 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Hotspot). Suppo... | | |
| CVE-2020-14793 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | S | |
| CVE-2020-14794 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | S | |
| CVE-2020-14795 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA ... | S | |
| CVE-2020-14796 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Sup... | | |
| CVE-2020-14797 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Sup... | | |
| CVE-2020-14798 | Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Sup... | | |
| CVE-2020-14799 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).... | S | |
| CVE-2020-14800 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption).... | S | |
| CVE-2020-14801 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA ... | S | |
| CVE-2020-14802 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA ... | S | |
| CVE-2020-14803 | Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions th... | S | |
| CVE-2020-14804 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: FTS). Supported versio... | S | |
| CVE-2020-14805 | Vulnerability in the Oracle E-Business Suite Secure Enterprise Search product of Oracle E-Business S... | S | |
| CVE-2020-14806 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Quer... | S | |
| CVE-2020-14807 | Vulnerability in the Oracle Hospitality Suite8 product of Oracle Hospitality Applications (component... | S | |
| CVE-2020-14808 | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Int... | | |
| CVE-2020-14809 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | | |
| CVE-2020-14810 | Vulnerability in the Oracle Hospitality Suite8 product of Oracle Hospitality Applications (component... | | |
| CVE-2020-14811 | Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: AMP ... | | |
| CVE-2020-14812 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported ve... | | |
| CVE-2020-14813 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA ... | | |
| CVE-2020-14814 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versio... | | |
| CVE-2020-14815 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middle... | | |
| CVE-2020-14816 | Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Admin... | | |
| CVE-2020-14817 | Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Admin... | | |
| CVE-2020-14818 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Utility). The supported ve... | | |
| CVE-2020-14819 | Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Pr... | | |
| CVE-2020-14820 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S... | | |
| CVE-2020-14821 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th... | | |
| CVE-2020-14822 | Vulnerability in the Oracle Installed Base product of Oracle E-Business Suite (component: APIs). Sup... | | |
| CVE-2020-14823 | Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: ... | | |
| CVE-2020-14824 | Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Ora... | | |
| CVE-2020-14825 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S... | | |
| CVE-2020-14826 | Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite (component: SQL ... | | |
| CVE-2020-14827 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). ... | | |
| CVE-2020-14828 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versio... | | |
| CVE-2020-14829 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th... | | |
| CVE-2020-14830 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | | |
| CVE-2020-14831 | Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Admin... | | |
| CVE-2020-14832 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Inte... | | |
| CVE-2020-14833 | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Int... | | |
| CVE-2020-14834 | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Int... | | |
| CVE-2020-14835 | Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Admin... | | |
| CVE-2020-14836 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | | |
| CVE-2020-14837 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | S | |
| CVE-2020-14838 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges).... | S | |
| CVE-2020-14839 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | S | |
| CVE-2020-14840 | Vulnerability in the Oracle Application Object Library product of Oracle E-Business Suite (component... | S | |
| CVE-2020-14841 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S... | S | |
| CVE-2020-14842 | Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Secur... | S | |
| CVE-2020-14843 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middle... | S | |
| CVE-2020-14844 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported version... | S | |
| CVE-2020-14845 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | S | |
| CVE-2020-14846 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | S | |
| CVE-2020-14847 | Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Quer... | | |
| CVE-2020-14848 | Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions th... | | |
| CVE-2020-14849 | Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Admin... | | |
| CVE-2020-14850 | Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: ... | | |
| CVE-2020-14851 | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Int... | | |
| CVE-2020-14852 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Charsets). Supported v... | | |
| CVE-2020-14853 | Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: NDBCluster Plugin). ... | | |
| CVE-2020-14854 | Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion (component: UI an... | | |
| CVE-2020-14855 | Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Work... | | |
| CVE-2020-14856 | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Int... | | |
| CVE-2020-14857 | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Int... | | |
| CVE-2020-14858 | Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Appl... | | |
| CVE-2020-14859 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). S... | | |
| CVE-2020-14860 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Roles). Supp... | | |
| CVE-2020-14861 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | | |
| CVE-2020-14862 | Vulnerability in the Oracle Universal Work Queue product of Oracle E-Business Suite (component: Inte... | | |
| CVE-2020-14863 | Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Pr... | | |
| CVE-2020-14864 | Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middle... | KEV | |
| CVE-2020-14865 | Vulnerability in the PeopleSoft Enterprise SCM eSupplier Connection product of Oracle PeopleSoft (co... | | |
| CVE-2020-14866 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | S | |
| CVE-2020-14867 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versio... | | |
| CVE-2020-14868 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | | |
| CVE-2020-14869 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). ... | | |
| CVE-2020-14870 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: X Plugin). Supported v... | | |
| CVE-2020-14871 | Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication m... | KEV E S | |
| CVE-2020-14872 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The su... | | |
| CVE-2020-14873 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Logging). Supported ve... | | |
| CVE-2020-14874 | Vulnerability in the Oracle Cloud Infrastructure Identity and Access Management product of Oracle Cl... | | |
| CVE-2020-14875 | Vulnerability in the Oracle Marketing product of Oracle E-Business Suite (component: Marketing Admin... | | |
| CVE-2020-14876 | Vulnerability in the Oracle Trade Management product of Oracle E-Business Suite (component: User Int... | | |
| CVE-2020-14877 | Vulnerability in the Oracle Hospitality OPERA 5 Property Services product of Oracle Hospitality Appl... | | |
| CVE-2020-14878 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). ... | | |
| CVE-2020-14879 | Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite -... | | |
| CVE-2020-14880 | Vulnerability in the BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite -... | | |
| CVE-2020-14881 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The su... | | |
| CVE-2020-14882 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console)... | KEV E | |
| CVE-2020-14883 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console)... | KEV | |
| CVE-2020-14884 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The su... | | |
| CVE-2020-14885 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The su... | | |
| CVE-2020-14886 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The su... | | |
| CVE-2020-14887 | Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applicat... | | |
| CVE-2020-14888 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | | |
| CVE-2020-14889 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The su... | | |
| CVE-2020-14890 | Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Application... | | |
| CVE-2020-14891 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | | |
| CVE-2020-14892 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The su... | | |
| CVE-2020-14893 | Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported ... | | |
| CVE-2020-14894 | Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applicati... | | |
| CVE-2020-14895 | Vulnerability in the Oracle Utilities Framework product of Oracle Utilities Applications (component:... | | |
| CVE-2020-14896 | Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (comp... | | |
| CVE-2020-14897 | Vulnerability in the Oracle FLEXCUBE Direct Banking product of Oracle Financial Services Application... | | |
| CVE-2020-14898 | Vulnerability in the Oracle Application Express Packaged Apps component of Oracle Database Server. T... | | |
| CVE-2020-14899 | Vulnerability in the Oracle Application Express Data Reporter component of Oracle Database Server. T... | | |
| CVE-2020-14900 | Vulnerability in the Oracle Application Express Group Calendar component of Oracle Database Server. ... | | |
| CVE-2020-14901 | Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that ... | | |
| CVE-2020-14926 | CMS Made Simple 2.2.14 allows XSS via a Search Term to the admin/moduleinterface.php?mact=ModuleMana... | E | |
| CVE-2020-14927 | Navigate CMS 2.9 allows XSS via the Alias or Real URL field of the "Web Sites > Create > Aliases > A... | E S | |
| CVE-2020-14928 | evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3... | E S | |
| CVE-2020-14929 | Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain c... | S | |
| CVE-2020-14930 | An issue was discovered in BT CTROMS Terminal OS Port Portal CT-464. Account takeover can occur beca... | E | |
| CVE-2020-14931 | A stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) 1.3a might allow remo... | E | |
| CVE-2020-14932 | compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates fro... | | |
| CVE-2020-14933 | compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates fr... | | |
| CVE-2020-14934 | Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. The function pars... | E | |
| CVE-2020-14935 | Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP bulk get request respons... | E | |
| CVE-2020-14936 | Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. Functions parsing... | | |
| CVE-2020-14937 | Memory access out of buffer boundaries issues was discovered in Contiki-NG 4.4 through 4.5, in the S... | E | |
| CVE-2020-14938 | An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from s... | E | |
| CVE-2020-14939 | An issue was discovered in savestruct_internal.c in FreedroidRPG 1.0rc2. Saved game files are compos... | E | |
| CVE-2020-14940 | An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar 1.5.4. It uses misconfigured X... | E S | |
| CVE-2020-14942 | Tendenci 12.0.10 allows unrestricted deserialization in apps\helpdesk\views\staff.py.... | | |
| CVE-2020-14943 | The Firstname and Lastname parameters in Global RADAR BSA Radar 1.6.7234.24750 and earlier are vulne... | E | |
| CVE-2020-14944 | Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authorization controls in multiple fun... | E | |
| CVE-2020-14945 | A privilege escalation vulnerability exists within Global RADAR BSA Radar 1.6.7234.24750 and earlier... | E | |
| CVE-2020-14946 | downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar ... | E | |
| CVE-2020-14947 | OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine... | E S | |
| CVE-2020-14950 | aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via shell meta... | E | |
| CVE-2020-14954 | Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, ... | S | |
| CVE-2020-14955 | In Jiangmin Antivirus 16.0.13.129, the driver file (KVFG.sys) allows local users to cause a denial o... | E | |
| CVE-2020-14956 | In Windows cleaning assistant 3.2, the driver file (AtpKrnl.sys) allows local users to cause a denia... | | |
| CVE-2020-14957 | In Windows cleaning assistant 3.2, the driver file (AtpKrnl.sys) allows local users to cause a denia... | | |
| CVE-2020-14958 | In Gogs 0.11.91, MakeEmailPrimary in models/user_mail.go lacks a "not the owner of the email" check.... | S | |
| CVE-2020-14959 | Multiple XSS vulnerabilities in the Easy Testimonials plugin before 3.6 for WordPress allow remote a... | E | |
| CVE-2020-14960 | A SQL injection vulnerability in PHP-Fusion 9.03.50 affects the endpoint administration/comments.php... | E S | |
| CVE-2020-14961 | Concrete5 before 8.5.3 does not constrain the sort direction to a valid asc or desc value.... | S | |
| CVE-2020-14962 | Multiple XSS vulnerabilities in the Final Tiles Gallery plugin before 3.4.19 for WordPress allow rem... | E | |
| CVE-2020-14965 | On TP-Link TL-WR740N v4 and TL-WR740ND v4 devices, an attacker with access to the admin panel can in... | | |
| CVE-2020-14966 | An issue was discovered in the jsrsasign package through 8.0.18 for Node.js. It allows a malleabilit... | E | |
| CVE-2020-14967 | An issue was discovered in the jsrsasign package before 8.0.18 for Node.js. Its RSA PKCS1 v1.5 decry... | E | |
| CVE-2020-14968 | An issue was discovered in the jsrsasign package before 8.0.17 for Node.js. Its RSASSA-PSS (RSA-PSS)... | E | |
| CVE-2020-14969 | app/Model/Attribute.php in MISP 2.4.127 lacks an ACL lookup on attribute correlations. This occurs w... | S | |
| CVE-2020-14971 | Pi-hole through 5.0 allows code injection in piholedhcp (the Static DHCP Leases section) by modifyin... | S | |
| CVE-2020-14972 | Multiple SQL injection vulnerabilities in Sourcecodester Pisay Online E-Learning System 1.0 allow re... | E | |
| CVE-2020-14973 | The loginForm within the general/login.php webpage in webTareas 2.0p8 suffers from a Reflected Cross... | E | |
| CVE-2020-14974 | The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to unlock a file and kill processes ... | E S | |
| CVE-2020-14975 | The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to delete, move, or copy arbitrary f... | E | |
| CVE-2020-14976 | GNS3 ubridge through 0.9.18 on macOS, as used in GNS3 server before 2.1.17, allows a local attacker ... | E S | |
| CVE-2020-14977 | An issue was discovered in F-Secure SAFE 17.7 on macOS. The XPC services use the PID to identify the... | E | |
| CVE-2020-14978 | An issue was discovered in F-Secure SAFE 17.7 on macOS. Due to incorrect client version verification... | E | |
| CVE-2020-14979 | The WinRing0.sys and WinRing0x64.sys drivers 1.2.0 in EVGA Precision X1 through 1.0.6 allow local us... | | |
| CVE-2020-14980 | The Sophos Secure Email application through 3.9.4 for Android has Missing SSL Certificate Validation... | | |
| CVE-2020-14981 | The ThreatTrack VIPRE Password Vault app through 1.100.1090 for iOS has Missing SSL Certificate Vali... | | |
| CVE-2020-14982 | A Blind SQL Injection vulnerability in Kronos WebTA 3.8.x and later before 4.0 (affecting the com.th... | E | |
| CVE-2020-14983 | The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_pl... | E S | |
| CVE-2020-14987 | An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows remo... | E | |
| CVE-2020-14988 | An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows XSS ... | E | |
| CVE-2020-14989 | An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows CSRF... | E | |
| CVE-2020-14990 | IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by... | E | |
| CVE-2020-14993 | A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 ... | E | |
| CVE-2020-14999 | A logic bug in system monitoring driver of Acronis Agent after 12.5.21540 and before 12.5.23094 allo... | |