PT-2023-9650 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.23 Oracle Database Server versions 21.3 through 21.14 Oracle Database Server version 23.4 Description: The issue is related to the Java VM component of Oracle Database Server, where an incorrect...

The vulnerability of the Oracle Notification Server component of the Oracle Database Server database management system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Oracle Notification Server component of the Oracle Database Server database management system is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information...

The vulnerability of the Database Sharding component of the Oracle Database Server management system allows a hacker to perform a partial service outage.

The vulnerability of the Database Sharding component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a partial service failure...

Oracle Database Server (October 2023 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory. - Vulnerability in the Oracle Spatial and Graph cURL component of Oracle Database Server. Supported versions that are affected are 19.3-19.2...

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to read, modify, or delete data.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to read, modify, or delete data using the Oracle Net network protocol...

The vulnerability of the Database Sharding component of the Oracle Database Server system allows a hacker to perform a partial denial-of-service attack.

The vulnerability of the Database Sharding component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to perform a partial denial-of-service attack remotely...

Vulnerabilities fixed in Oracle Database Server

Vulnerabilities have been fixed in Oracle Database Server products. A malicious party can exploit the vulnerabilities to perform attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Bypassing security measure Oracle has...

CVE-2023-22096

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise...

CVE-2023-22071

Vulnerability in the PL/SQL component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute on sys.utlhttp privilege with network access via Oracle Net to...

CVE-2023-22073

Vulnerability in the Oracle Notification Server component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware wher...

Design/Logic Flaw

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise...

Code injection

Vulnerability in the PL/SQL component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute on sys.utlhttp privilege with network access via Oracle Net to...

CVE-2023-22096

CVE-2023-22096 affects Oracle Database Server, Java VM component. Affected: Oracle Database Server versions 19.3–19.20 and 21.3–21.11. Description states that a low-privileged attacker with Create Session and Create Procedure privileges and network access via Oracle Net can compromise the Java VM...

PT-2023-6197 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.20 Oracle Database Server versions 21.3 through 21.11 Description: The issue is related to insufficient input validation in the Database Sharding component of Oracle Database Server. This can be...

PT-2023-6300 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.20 Oracle Database Server versions 21.3 through 21.11 Description: The issue is related to insufficient input validation in the Oracle Notification Server component of Oracle Database Server. Th...

Oracle Database Server Security Vulnerability

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing, and other functions. A security vulnerability in the PL/SQL component of Oracle Database Server, versions...

PT-2023-6192 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.20 Oracle Database Server versions 21.3 through 21.11 Description: The vulnerability in the PL/SQL component of Oracle Database Server is related to insufficient input validation. Exploitation o...

The vulnerability of the Advanced Networking Option component of the Oracle Database Server system allows a attacker to gain read, modify, add, or delete access to data.

The vulnerability of the Advanced Networking Option component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read, modify, add, or delete access to data...

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to read, modify, add, or delete data.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read, modify, add, or delete access to data...

Vulnerabilities fixed in Oracle Database Server

Vulnerabilities have been fixed in Oracle Database Server products. A malicious party can exploit the vulnerabilities to perform attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Access to system data Oracle has fixe...