CVE-2020-9488
- EPSS 8.1%
- Veröffentlicht 27.04.2020 16:15:12
- Zuletzt bearbeitet 29.05.2026 18:16:27
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. Fixed in Apache Lo...
CVE-2020-1967
- EPSS 53.34%
- Veröffentlicht 21.04.2020 14:15:11
- Zuletzt bearbeitet 21.11.2024 05:11:45
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occur...
CVE-2020-2868
- EPSS 1.02%
- Veröffentlicht 15.04.2020 14:15:32
- Zuletzt bearbeitet 21.11.2024 05:26:29
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Diagnostic Framework). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with...
CVE-2020-2859
- EPSS 1.76%
- Veröffentlicht 15.04.2020 14:15:31
- Zuletzt bearbeitet 21.11.2024 05:26:28
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: nVision). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network acce...
CVE-2020-2782
- EPSS 1.04%
- Veröffentlicht 15.04.2020 14:15:27
- Zuletzt bearbeitet 21.11.2024 05:26:15
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access...
CVE-2020-2797
- EPSS 1.02%
- Veröffentlicht 15.04.2020 14:15:27
- Zuletzt bearbeitet 21.11.2024 05:26:17
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Process Scheduler). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with ne...
CVE-2020-2775
- EPSS 1.37%
- Veröffentlicht 15.04.2020 14:15:26
- Zuletzt bearbeitet 21.11.2024 05:26:14
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network acces...
CVE-2020-2776
- EPSS 1.76%
- Veröffentlicht 15.04.2020 14:15:26
- Zuletzt bearbeitet 21.11.2024 05:26:14
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access vi...
CVE-2020-2751
- EPSS 1.02%
- Veröffentlicht 15.04.2020 14:15:25
- Zuletzt bearbeitet 21.11.2024 05:26:09
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via ...
CVE-2020-1954
- EPSS 6.15%
- Veröffentlicht 01.04.2020 21:15:14
- Zuletzt bearbeitet 21.11.2024 05:11:43
Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to...