CVE-2018-3004

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2,12.2.0.1 and 18.2. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple...

CVE-2017-10282

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute Catalog Role privilege with network access via Oracle Net to...

CVE-2017-10120

Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with logon to the infrastructure where RDBMS...

Oracle Database Multiple Vulnerabilities (July 2017 CPU) (POODLE) (SWEET32)

The remote Oracle Database Server is missing the July 2017 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities : - A man-in-the-middle MitM information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting...

Oracle Support Tools SQL Trace Analyzer Component Remote Vulnerability

Oracle Support Tools is a set of Oracle Support Tools. SQL Trace Analyzer is one of the SQL trace analyzer components. A security vulnerability exists in the Create Session subcomponent of the SQL Trace Analyzer component of Oracle Support Tools, which can be exploited by remote attackers to...

Oracle Database Server has a remote vulnerability (CNVD-2015-02521)

Oracle Database is a large database of commercial nature. A remote vulnerability exists in Oracle Database Server that allows an attacker to gain 'Create Session' privileges using the 'Oracle Net' protocol...

Oracle Database Server has a remote vulnerability (CNVD-2015-02522)

Oracle Database is a large database of commercial nature. A remote vulnerability exists in Oracle Database Server that allows an attacker to gain 'Create Session' privileges using the 'Oracle Net' protocol...

Oracle Database Server Remote Vulnerability (CNVD-2015-00472)

Oracle Database is a large database of commercial nature. A remote vulnerability exists in Oracle Database Server that allows an attacker to gain 'Create Session' privileges using the 'Oracle Net' protocol...

Oracle Database Server Remote Vulnerability (CNVD-2015-00487)

Oracle Database is a large database of commercial nature. A remote vulnerability exists in Oracle Database Server that allows an attacker to gain 'Create Session' privileges using the 'Oracle Net' protocol...

Oracle Database Server Remote Vulnerability (CNVD-2015-00473)

Oracle Database is a large database of commercial nature. A remote vulnerability exists in Oracle Database Server that allows an attacker to gain 'Create Session' privileges using the 'Oracle Net' protocol...

Oracle Database Server Remote Vulnerability (CNVD-2015-00470)

Oracle Database is a large database of commercial nature. A remote vulnerability exists in Oracle Database Server that allows an attacker to gain 'Create Session, Create Table' privileges using the 'Oracle Net' protocol...

OPC UA Create Session Request Command

...

OPC UA Create Session Response Command

...

CVE-2012-3220

Unspecified vulnerability in the Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users with Create Session privileges to affect confidentiality, integrity, and availability via unknown vectors...

Design/Logic Flaw

Unspecified vulnerability in the Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users with Create Session privileges to affect confidentiality, integrity, and availability via unknown vectors...

CVE-2012-0534

Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors related to Create Session...

Session fixation

Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors related to Create Session...

CVE-2012-0534

Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors related to Create Session...

Oracle Database Server REPCAT_RPC.VALIDATE_REMOTE_RC SQL Injection (CVE-2009-1021)

Oracle Database Server is an enterprise-level relational database application suite. An SQL injection vulnerability has been reported in Oracle Database server. Remote authenticated attackers having Create Session privileges can exploit this vulnerability to inject and execute malicious SQL...

Oracle 10g - SYS.DBMS_CDC_IMPDP.BUMP_SEQUENCE PL / SQL Injection

/ Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret Privileges needed: - CREATE SESSION Max. Length 97. Very, very cool / select from userroleprivs ; DECLARE SEQUENCEOWNER VARCHAR2200; SEQUENCENAME VARCHAR2200; vuserid number; vcommands VARCHAR232767; NEWVALUE NUMBER; BEGIN SELEC...