Oracle

Application Express

47 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2020-2973

  • EPSS 0.19%
  • Published 15.07.2020 18:15:38
  • Last modified 21.11.2024 05:26:45

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access ...

5.4

CVE-2020-2974

  • EPSS 0.19%
  • Published 15.07.2020 18:15:38
  • Last modified 21.11.2024 05:26:45

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access ...

5.4

CVE-2020-2975

  • EPSS 0.19%
  • Published 15.07.2020 18:15:38
  • Last modified 21.11.2024 05:26:45

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access ...

5.4

CVE-2020-2976

  • EPSS 0.19%
  • Published 15.07.2020 18:15:38
  • Last modified 21.11.2024 05:26:46

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access ...

4.9

CVE-2020-2977

  • EPSS 0.19%
  • Published 15.07.2020 18:15:38
  • Last modified 21.11.2024 05:26:46

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network a...

5.4

CVE-2020-2513

  • EPSS 0.28%
  • Published 15.07.2020 18:15:37
  • Last modified 21.11.2024 05:25:24

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access ...

6.1

CVE-2020-11023

Warning Exploit
  • EPSS 21.32%
  • Published 29.04.2020 21:15:11
  • Last modified 24.01.2025 02:00:02

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may ex...

4.9

CVE-2020-2514

  • EPSS 0.42%
  • Published 15.04.2020 14:15:21
  • Last modified 21.11.2024 05:25:24

Vulnerability in the Oracle Application Express component of Oracle Database Server. The supported version that is affected is Prior to 19.2. Easily exploitable vulnerability allows low privileged attacker having End User Role privilege with network ...

6.1

CVE-2020-9281

  • EPSS 0.77%
  • Published 07.03.2020 01:15:15
  • Last modified 21.11.2024 05:40:20

A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax).

6.1

CVE-2019-10219

  • EPSS 1.67%
  • Published 08.11.2019 15:15:11
  • Last modified 07.07.2025 14:15:21

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.