CVE-2020-11984
- EPSS 76.31%
- Published 07.08.2020 16:15:11
- Last modified 21.11.2024 04:59:02
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
CVE-2020-11993
- EPSS 38.85%
- Published 07.08.2020 16:15:11
- Last modified 01.05.2025 15:40:19
Apache HTTP Server versions 2.4.20 to 2.4.43: when trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLev...
CVE-2020-15358
- EPSS 0.04%
- Published 27.06.2020 12:15:11
- Last modified 21.11.2024 05:05:24
In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.
CVE-2020-14422
- EPSS 0.69%
- Published 18.06.2020 14:15:11
- Last modified 21.11.2024 05:03:13
Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary...
CVE-2020-13871
- EPSS 2.44%
- Published 06.06.2020 16:15:10
- Last modified 21.11.2024 05:02:02
SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late.
CVE-2020-1945
- EPSS 0.02%
- Published 14.05.2020 16:15:12
- Last modified 21.11.2024 05:11:42
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files fr...
CVE-2020-11022
- EPSS 22.55%
- Published 29.04.2020 22:15:11
- Last modified 21.11.2024 04:56:36
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob...
CVE-2020-1967
- EPSS 66.69%
- Published 21.04.2020 14:15:11
- Last modified 21.11.2024 05:11:45
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occur...
CVE-2020-11655
- EPSS 4.89%
- Published 09.04.2020 03:15:11
- Last modified 21.11.2024 04:58:20
SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
CVE-2020-11656
- EPSS 8.47%
- Published 09.04.2020 03:15:11
- Last modified 21.11.2024 04:58:20
In SQLite through 3.31.1, the ALTER TABLE implementation has a use-after-free, as demonstrated by an ORDER BY clause that belongs to a compound SELECT statement.