Lucene search
K

88 matches found

Tenable Nessus
Tenable Nessus
added 2011/11/16 12:0 a.m.99 views

Oracle Database Multiple Vulnerabilities (January 2006 CPU)

The remote Oracle database server is missing the January 2006 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Advanced Queuing - Change Data Capture - Connection Manager - Data Pump - Data Pump Metadata API - Dictionary - Java Net...

10CVSS5.4AI score0.0965EPSS
Exploits9References29
Tenable Nessus
Tenable Nessus
added 2011/11/16 12:0 a.m.58 views

Oracle Database Multiple Vulnerabilities (April 2008 CPU)

The remote Oracle database server is missing the April 2008 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Advanced Queuing - Audit - Authentication - Change Data Capture - Core RDBMS - Data Pump - Export - Oracle Enterprise...

10CVSS5.4AI score0.03EPSS
Exploits0References11
Tenable Nessus
Tenable Nessus
added 2011/11/16 12:0 a.m.53 views

Oracle Database Multiple Vulnerabilities (July 2006 CPU)

The remote Oracle database server is missing the July 2006 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Change Data Capture CDC - Core RDBMS - Data Pump Metadata API - Dictionary - Export - InterMedia - OCI - Oracle ODBC Driver...

10CVSS5.4AI score0.06403EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2011/11/16 12:0 a.m.52 views

Oracle Database Multiple Vulnerabilities (October 2005 CPU)

The remote Oracle database server is missing the October 2005 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Change Data Capture - Data Guard Logical Standby - Data Pump Export - Database Scheduler - Export - Locale - Materialize...

6.8CVSS5.4AI score0.21549EPSS
Exploits4References7
Tenable Nessus
Tenable Nessus
added 2011/11/16 12:0 a.m.54 views

Oracle Database Multiple Vulnerabilities (October 2006 CPU)

The remote Oracle database server is missing the October 2006 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Change Data Capture CDC - Core RDBMS - Database Scheduler - Oracle Spatial - XMLDB %NASLMINLEVEL 70300 C Tenable Network...

9CVSS5.4AI score0.04459EPSS
Exploits4References15
Tenable Nessus
Tenable Nessus
added 2010/11/18 12:0 a.m.53 views

Oracle Database Multiple Vulnerabilities (October 2010 CPU)

The remote Oracle database server is missing the October 2010 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Enterprise Manager Console - Java Virtual Machine - Change Data Capture - OLAP - Job Queue - XDK - Core RDBMS - Perl...

7.5CVSS6.1AI score0.09736EPSS
Exploits6References10
myhack58
myhack58
added 2010/11/08 12:0 a.m.34 views

Oracle database CREATE_CHANGE_SET the process of SQL injection vulnerabilities and patch-vulnerability warning-the black bar safety net

Vulnerability description: Oracle is a large commercial database system. Oracle database Change Data Capture components are provided in a DBMSCDCPUBLISH PL/SQL package, the package CREATECHANGESET process in the presence ofSQL injectionvulnerabilities. Malicious users can in a special parameter...

1.5AI score
Exploits0
seebug.org
seebug.org
added 2010/10/26 12:0 a.m.45 views

Oracle数据库CREATE_CHANGE_SET过程SQL注入漏洞

BUGTRAQ ID: 43956 CVE ID: CVE-2010-2415 Oracle是大型的商业数据库系统。 Oracle数据库的Change Data Capture组件中提供了一个DBMSCDCPUBLISH PL/SQL软件包,该软件包的CREATECHANGESET过程中存在SQL注入漏洞。恶意用户可以以特殊参数调用有漏洞的过程,导致以SYS用户的权限执行SQL语句。 利用这个漏洞要求拥有对SYS.DBMSCDCPUBLISH软件包的EXECUTE权限。默认下给予了EXECUTECATALOGROLE角色的用户拥有这个权限。 Oracle Database 11.2.0....

4.9CVSS6.4AI score0.09736EPSS
Exploits3
NVD
NVD
added 2010/10/14 2:0 a.m.22 views

CVE-2010-2415

Unspecified vulnerability in the Change Data Capture component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to DBMSCDCPUBLISH...

4.9CVSS5.4AI score0.09736EPSS
Exploits3References2
Prion
Prion
added 2010/10/14 2:0 a.m.19 views

Design/Logic Flaw

Unspecified vulnerability in the Change Data Capture component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to DBMSCDCPUBLISH...

4.9CVSS5.7AI score0.09736EPSS
Exploits3References2Affected Software1
Tenable Nessus
Tenable Nessus
added 2010/04/26 12:0 a.m.49 views

Oracle Database Multiple Vulnerabilities (April 2010 CPU)

The remote Oracle database server is missing the April 2010 Critical Patch Update CPU and therefore is potentially affected by security issues in the following components : - Core RDBMS - JavaVM - Change Data Capture - Audit %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

7.1CVSS5.4AI score0.1125EPSS
Exploits4References7
Prion
Prion
added 2010/04/13 10:30 p.m.22 views

Design/Logic Flaw

Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMSCDCPUBLISH...

3.6CVSS5.7AI score0.12555EPSS
Exploits2References3Affected Software1
NVD
NVD
added 2010/04/13 10:30 p.m.20 views

CVE-2010-0870

Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMSCDCPUBLISH...

3.6CVSS5.5AI score0.12555EPSS
Exploits2References3
CVE
CVE
added 2010/04/13 10:0 p.m.64 views

CVE-2010-0870

CVE-2010-0870 affects Oracle Database 9.2.0.8 and 9.2.0.8DV in the Change Data Capture component, related to SYS.DBMS_CDC_PUBLISH. Connected sources describe a SQL injection flaw in the DBMS_CDC_PUBLISH.DROP_CHANGE_SOURCE procedure that can be exploited by any user with execute privilege (default...

3.6CVSS5.6AI score0.12555EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2010/04/13 10:0 p.m.22 views

CVE-2010-0870

Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMSCDCPUBLISH...

5.5AI score0.12555EPSS
Exploits2References3
NVD
NVD
added 2008/10/14 9:11 p.m.35 views

CVE-2008-3996

Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMSCDCIPUBLISH...

5.5CVSS5.4AI score0.09524EPSS
Exploits3References4
Prion
Prion
added 2008/10/14 9:11 p.m.21 views

Design/Logic Flaw

Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to DBMSCDCPUBLISH...

5.5CVSS5.5AI score0.0954EPSS
Exploits2References5Affected Software2
Prion
Prion
added 2008/10/14 9:11 p.m.21 views

Design/Logic Flaw

Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMSCDCIPUBLISH...

5.5CVSS5.5AI score0.09524EPSS
Exploits3References4Affected Software2
CVE
CVE
added 2008/10/14 9:0 p.m.99 views

CVE-2008-3995

CVE-2008-3995 affects Oracle Database (10gR1/10gR2/11gR1) Change Data Capture component. The root cause is an SQL injection in SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE, exploitable by any user with EXECUTE privilege on the package. Impact per sources: remote authenticated access that can ...

5.5CVSS5.4AI score0.0954EPSS
Exploits2References5Affected Software2
CVE
CVE
added 2008/10/14 9:0 p.m.105 views

CVE-2008-3996

Oracle Database Change Data Capture vulnerability in SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE allows SQL injection exploitable by any user with EXECUTE privilege on the package (10gR1, 10gR2, 11gR1). Remote attacker can execute injected SQL with SYS privileges; fix available via Octobe...

5.5CVSS5.4AI score0.09524EPSS
Exploits3References4Affected Software2
Rows per page
Query Builder