Lucene search
K

334 matches found

Tenable Nessus
Tenable Nessus
added 2010/07/14 12:0 a.m.44 views

Oracle Database Multiple Vulnerabilities (July 2010 CPU)

The remote Oracle database server is missing the July 2010 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Listener - Net Foundation Layer - Oracle OLAP - Application Express - Network Layer - Export %NASLMINLEVEL 70300 C Tenable...

7.8CVSS5.3AI score0.0187EPSS
Exploits0References7
CVE
CVE
added 2010/07/13 10:7 p.m.65 views

CVE-2010-0892

CVE-2010-0892 affects Oracle Application Express (Apex) within Oracle Database Server 3.2.0.00.27. The vulnerability is described as unspecified, allowing remote attackers to affect integrity via unknown vectors. Oracle’s July 2010 CPU documents this CVE under Oracle Database Server, with the Ape...

4.3CVSS6.1AI score0.00941EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2010/01/13 1:30 a.m.24 views

CVE-2010-0076

Unspecified vulnerability in the Application Express Application Builder component in Oracle Database 3.2.1.00.10 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

6CVSS5.5AI score0.0096EPSS
Exploits0References2
CVE
CVE
added 2010/01/13 1:0 a.m.57 views

CVE-2010-0076

CVE-2010-0076 affects Oracle Database 3.2.1.00.10 (Application Express Application Builder). An unspecified vulnerability allows remote, authenticated attackers to impact confidentiality, integrity, and availability via unpublished vectors. CVSS 2.0 base score 6.0 (Network, Medium complexity, sin...

6CVSS5.7AI score0.0096EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2009/10/22 6:30 p.m.22 views

CVE-2009-1993

Unspecified vulnerability in the Application Express component in Oracle Database 3.0.1 allows remote authenticated users to affect confidentiality and integrity, related to FLOWS030000.WWVEXECUTEIMMEDIATE...

5.5CVSS5.4AI score0.01964EPSS
Exploits0References5
Cvelist
Cvelist
added 2009/10/22 6:0 p.m.20 views

CVE-2009-1993

Unspecified vulnerability in the Application Express component in Oracle Database 3.0.1 allows remote authenticated users to affect confidentiality and integrity, related to FLOWS030000.WWVEXECUTEIMMEDIATE...

5.4AI score0.01964EPSS
Exploits0References5
CVE
CVE
added 2009/10/22 6:0 p.m.64 views

CVE-2009-1993

CVE-2009-1993 affects Oracle Application Express (Apex) within Oracle Database 3.0.1. The vulnerability allows remote authenticated users to affect confidentiality and integrity through FLOWS_030000.WWV_EXECUTE_IMMEDIATE. The October 2009 CPU includes a fix for this, as part of the Oracle Databas...

5.5CVSS5.4AI score0.01964EPSS
Exploits0References5Affected Software1
seebug.org
seebug.org
added 2009/04/21 12:0 a.m.24 views

Oracle存在多个安全漏洞

CNCAN ID:CNCAN-2009041604 多个Oracle产品存在漏洞,可导致SQL注入,泄漏敏感信息或使攻击者破坏系统: -Oracle Process Manager和Notification opmn守护程序存在格式串错误,提交特殊构建的POST请求给port 6000/TCP可导致任意代码执行。 -传递给"DBMSAQIN"的输入在使用前缺少过滤,可导致注入任意SQL代码。 -Oracle数据库包含的Application Express组件存在错误,非特权用户可以获得"LOWS030000.WWVFLOWUSER"中的APEX密码HASH。 目前还存在多个未知漏洞。...

7AI score
Exploits0
Prion
Prion
added 2009/04/15 10:30 a.m.21 views

Design/Logic Flaw

Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows remote authenticated users to affect confidentiality, related to APEX. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable researcher claims that...

4CVSS5.9AI score0.05281EPSS
Exploits6References9Affected Software1
Prion
Prion
added 2008/10/14 9:11 p.m.19 views

Design/Logic Flaw

Unspecified vulnerability in the Oracle Application Express component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

4.3CVSS5.5AI score0.01039EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2008/10/14 9:0 p.m.102 views

CVE-2008-4005

CVE-2008-4005 affects Oracle Database 11.1.0.6 via the Oracle Application Express component. The Nessus/OSS content confirms an unspecified vulnerability allowing remote authenticated users to affect confidentiality, integrity, and availability through unknown vectors. A patch is noted: Oracle Ap...

4.3CVSS5.5AI score0.01039EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2008/10/14 9:0 p.m.23 views

CVE-2008-4005

Unspecified vulnerability in the Oracle Application Express component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

5.5AI score0.01039EPSS
Exploits1References5
Prion
Prion
added 2008/04/16 10:5 a.m.11 views

Design/Logic Flaw

Unspecified vulnerability in the Oracle Application Express component in Oracle Application Express 3.0.1 has unknown impact and remote attack vectors, aka APEX02...

10CVSS6.7AI score0.02131EPSS
Exploits0References9Affected Software1
Prion
Prion
added 2008/04/16 10:5 a.m.15 views

Authorization

Unspecified vulnerability in Oracle Application Express 3.0.1 has unspecified impact and remote authenticated attack vectors related to flows030000.wwvexecuteimmediate, aka APEX01. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher...

5.5CVSS7.3AI score0.02057EPSS
Exploits0References10Affected Software1
NVD
NVD
added 2008/04/16 10:5 a.m.14 views

CVE-2008-1811

Unspecified vulnerability in Oracle Application Express 3.0.1 has unspecified impact and remote authenticated attack vectors related to flows030000.wwvexecuteimmediate, aka APEX01. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher...

5.5CVSS6.6AI score0.02057EPSS
Exploits0References10
Cvelist
Cvelist
added 2008/04/16 10:0 a.m.20 views

CVE-2008-1811

Unspecified vulnerability in Oracle Application Express 3.0.1 has unspecified impact and remote authenticated attack vectors related to flows030000.wwvexecuteimmediate, aka APEX01. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher...

6.6AI score0.02057EPSS
Exploits0References10
CVE
CVE
added 2008/04/16 10:0 a.m.48 views

CVE-2008-1822

CVE-2008-1822 describes an unspecified vulnerability in the Oracle Application Express component of Oracle Application Express 3.0.1 (aka APEX02). The connected sources indicate the issue has unknown impact and remote attack vectors, with a NVD CVSS v2 base score of 10.0 (HIGH). There are no prov...

10CVSS6.2AI score0.02131EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2008/04/16 10:0 a.m.55 views

CVE-2008-1811

CVE-2008-1811 relates to Oracle Application Express 3.0.1. The vulnerability lies in the flows_030000.wwv_execute_immediate.run_ddl function within the wwv_execute_immediate package, in the flows_030000 schema, enabling privilege escalation by certain remote authenticated users (non-DBA). The iss...

5.5CVSS6.6AI score0.02057EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2008/04/16 10:0 a.m.20 views

CVE-2008-1822

Unspecified vulnerability in the Oracle Application Express component in Oracle Application Express 3.0.1 has unknown impact and remote attack vectors, aka APEX02...

6.2AI score0.02131EPSS
Exploits0References9
securityvulns
securityvulns
added 2008/04/16 12:0 a.m.64 views

iDefense Security Advisory 04.15.08: Oracle Application Express Privilege Escalation Vulnerability

iDefense Security Advisory 04.15.08 http://labs.idefense.com/intelligence/vulnerabilities/ Apr 15, 2008 I. BACKGROUND Oracle Application Express Oracle APEX, formerly called HTML DB, is a rapid web application development tool for the Oracle database. For more information about Oracle Application...

5.5CVSS0.5AI score0.02057EPSS
Exploits0
Rows per page
Query Builder