Oracle Database Server (Jul 2023 CPU)

The 19c and 21c versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July CPU advisory. - Vulnerability in the Oracle Text LibExpat component of Oracle Database Server. Supported versions that are affected are 19.3-19.19 and...

CVE-2023-22034

Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 19.3-19.19 and 21.3-21.10. Easily exploitable vulnerability allows high privileged attacker having SYSDBA privilege with network access via Oracle Net to compromise Unified Audit...

CVE-2023-21949

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 19.3-19.19 and 21.3-21.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option...

Design/Logic Flaw

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 19.3-19.19 and 21.3-21.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option...

CVE-2023-22034

The CVE-2023-22034 issue affects Oracle Database Server Unified Audit component. Affected versions are 19.3–19.19 and 21.3–21.10. The root cause is described as insufficient input validation, enabling a high-privileged SYSDBA attacker with network access via Oracle Net to compromise Unified Audit...

PT-2023-3643 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.19 Oracle Database Server versions 21.3 through 21.10 Description: The issue is related to insufficient input validation in the Unified Audit component of Oracle Database Server. It allows a...

Oracle Database Server 安全漏洞

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in the Advanced Networking Option component of Oracle...

Oracle Database Server 安全漏洞

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in the Unified Audit component of Oracle Database Serve...

Security Bulletin: A vulnerability in the Oracle Data Provider may affect IBM Robotic Process Automation and result in an attacker gaining elevated privileges (CVE-2023-21893).

Summary Oracle Data Provider is used by IBM Robotic Process Automation as part of SQL Server database connectivity. CVE-2023-21893. Vulnerability Details CVEID:CVE-2023-21893 DESCRIPTION: Oracle Database Server could allow a remote attacker to gain elevated privileges on the system, caused by an...

Oracle Patch Tuesday April 2023 Security Update Review

Oracle has released the second quarterly edition of Critical Patch Update, which contains a group of patches for 433 security vulnerabilities. Some of the vulnerabilities addressed this month impact various products. These patches address vulnerabilities in Oracle code and third-party components...

Oracle Database Server (Apr 2023 CPU)

The 19c and 21c versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2023 CPU advisory. - Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficul...

CVE-2023-21934

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows low privileged attacker having User Account privilege with network access via TLS to compromise Java VM. Successful attacks of this...

Design/Logic Flaw

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows low privileged attacker having User Account privilege with network access via TLS to compromise Java VM. Successful attacks of this...

Oracle MySQL 安全漏洞

Oracle MySQL Server is a relational database from Oracle Corporation. Oracle MySQL Server has a security vulnerability that can be exploited by attackers to cause a takeover of MySQL Server...

PT-2023-2526 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19c and 21c Description: The issue is related to insufficient input validation in the Java VM component of the Oracle Database Server. This can be exploited by a remote attacker to gain read, modify, add, or...

Oracle Database Server 安全漏洞

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in Oracle Database Server versions 19c and 21c. An...

PT-2023-2642 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19c through 21c Description: The issue exists due to insufficient input validation in the Oracle Database Recovery Manager component of Oracle Database Server. This can be exploited by a remote attacker to caus...

Oracle Database Server 安全漏洞

Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in Oracle Database Server version 19c, version 21c. An...

K11100332: Multiple Oracle Database Server vulnerabilities

Security Advisory Description CVE-2016-3479 Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. CVE-2016-3484 Unspecified vulnerability in the Database Vault component i...

SUSE CVE-2011-0830

Unspecified vulnerability in the Event Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, and 10.2.0.4, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect integrity via unknown vectors related to Rules Management UI...