CVE-2024-21242

Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via HTTP to compromise XML...

CVE-2024-21233

Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions that are affected are 19.3-19.24, 21.3-21.15 and 23.4-23.5. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to...

Oracle Database Server 安全漏洞

Oracle Database Server is a relational database management system from the American company Oracle. The database management system provides data management, distributed processing, and other functions. A security vulnerability exists in Oracle Database Server's XML Database. An attacker exploitin...

Oracle Database Server 安全漏洞

Oracle Database Server is a relational database management system from Oracle Corporation USA. This database management system provides data management, distributed processing, and other functions. A security vulnerability exists in the Java VM of Oracle Database Server. An attacker exploiting th...

Oracle DB SQL Injection Via SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSCDCSUBSCRIBE.ACTIVATESUBSCRIPTION', 'Description' = %q This module will escalate an Oracle DB user to DBA by...

The vulnerability of the Java VM component of the Oracle Database Server system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to the disclosure of information. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

Oracle Database Server (Jul 2024 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be...

Vulnerabilities fixed in Oracle Database Server

Vulnerabilities have been fixed in Oracle Database Server. A malicious party can exploit the vulnerabilities to carry out attacks that can result in the following categories of damage: Denial-of-Service DoS. Access to sensitive data Manipulation of data Circumvention of security measure Oracle ha...

CVE-2024-21184

Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Supported versions that are affected are 19.3-19.23. Easily exploitable vulnerability allows high privileged attacker having Execute on SYS.XSDIAG privilege with network access via Oracle Net to compromise...

CVE-2024-21174

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.23, 21.3-21.14 and 23.4. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to...

CVE-2024-21174

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.23, 21.3-21.14 and 23.4. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to...

CVE-2024-21174

CVE-2024-21174 affects Oracle Database Server's Java VM component across 19.3–19.23, 21.3–21.14, and 23.4. The root cause is improper resource clearance/release in the Java VM, allowing a low-privileged attacker with Create Session and Create Procedure privileges and network access via Oracle Net...

PT-2024-4992 · Oracle · Oracle Database Server +1

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.23 Oracle Database Server versions 21.3 through 21.14 Description: The issue is related to insufficient input validation in the Oracle Database Portable Clusterware component, allowing an...

Oracle MySQL 安全漏洞

Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which can be exploited by attackers to cause MySQL Server to hang without authorization or crash frequently and repeatedly full DOS...

PT-2024-4993 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.23 Description: The issue is related to insufficient input validation in the Oracle Database Core component. This allows a high-privileged attacker with SYSDBA privilege and logon access to the...

The vulnerability of the RDBMS component of the database management system Oracle Database Server allows a hacker to gain unauthorized access to protected information.

The vulnerability of the RDBMS component of the database management system, Oracle Database Server, is related to the disclosure of information. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

Vulnerability of the Server component: The Audit Plug-in of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Server component: The Audit Plug-in of the Oracle MySQL Server database management system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the MySQL protocol...

Vulnerability of the Server component: The DML of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.

The vulnerability of the Oracle MySQL Server component is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service interruptions using the MySQL protocol...

Vulnerability of the Server component: The Oracle MySQL Server database management system’s DDL functions allow a hacker to cause a service failure.

Vulnerability of the Server component: The DDL system for managing databases, Oracle MySQL Server, has vulnerabilities related to inadequate access control. Exploitation of these vulnerabilities could allow an attacker to cause service interruptions using the MySQL protocol...

mysql: Server: DML unspecified vulnerability (CPU Oct 2023)

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: DML. Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks o...