CVE-2017-10120

CVE-2017-10120 affects Oracle Database Server 12.1.0.2 in the RDBMS Security component. The vulnerability allows a local attacker with Create Session and Select Any Dictionary privileges to compromise RDBMS Security, potentially enabling unauthorized update/insert/delete of some data (I: LOW; A/N...

CVE-2017-10120

Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with logon to the infrastructure where RDBMS...

Unspecified Vulnerability in Oracle Database Server (CNVD-2017-18569)

Oracle Database Server is an object-relational database management system. It provides an open, comprehensive, and integrated approach to information management. Oracle Database Server versions 11.2.0.4, 12.1.0.2, 12.2.0.1 contain a security vulnerability in the OJVM implementation that can be...

Unspecified Vulnerability in Oracle Database Server (CNVD-2017-18568)

Oracle Database Server is an object-relational database management system. It provides an open, comprehensive, and integrated approach to information management. Oracle Database Server version 12.1.0.2 has a security vulnerability in the RDBMS Security implementation, which can be exploited by a...

Oracle Database Server 'OJVM' Component Unspecified Vulnerability

Oracle Database Server is prone to multiple unspecified security vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Oracle Database Server Authentication Bypass Vulnerability

Oracle Database Server is an object-relational database management system. It provides an open, comprehensive, and integrated approach to information management. An authentication bypass vulnerability exists in Oracle Database Server. An attacker could use this vulnerability to bypass the...

CVE-2017-3486

Vulnerability in the SQLPlus component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with logon to the infrastructure where SQLPlus executes to compromise...

Design/Logic Flaw

Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromi...

CVE-2017-3486

Vulnerability in the SQLPlus component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with logon to the infrastructure where SQLPlus executes to compromise...

CVE-2017-3567

CVE-2017-3567 affects Oracle Database Server OJVM component (versions 11.2.0.4 and 12.1.0.2). A low-privilege attacker with Create Session and Create Procedure privileges and network access via multiple protocols can cause OJVM to hang or crash (DOs). CVSS v3.0 base score 5.3 (Availability). No r...

Oracle Database Server Remote Vulnerability (CNVD-2017-06088)

Oracle Database Server is an object-relational database management system. It provides an open, comprehensive, and integrated approach to information management. A remote security vulnerability exists in the Oracle Database Server OJVM component, which can be exploited by a remote attacker to...

Oracle Database Server Local Vulnerability (CNVD-2017-06092)

Oracle Database Server is an object-relational database management system. It provides an open, comprehensive, and integrated approach to information management. A security vulnerability exists in the Oracle Database Server SQLPlus component, which can be exploited by remote attackers to compromi...

CVE-2017-3310

Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise...

CVE-2017-3240

Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where RDBMS Security executes to compromise...

CVE-2017-3240

Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where RDBMS Security executes to compromise...

CVE-2017-3240

CVE-2017-3240 is tied to the Oracle Database Server, specifically the RDBMS Security component. The vulnerability affects at least version 12.1.0.2 and, as described in the provided documents, enables a low-privileged, locally authenticated attacker to access (read) a subset of data within RDBMS ...

CVE-2017-3310

CVE-2017-3310 affects Oracle Database Server’s OJVM component in versions 11.2.0.4 and 12.1.0.2. The vulnerability allows a low-privileged attacker with Create Session and Create Procedure privileges, with network access via multiple protocols, to compromise OJVM. The exploitation requires user i...

CVE-2017-3240

Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where RDBMS Security executes to compromise...

CVE-2016-5572

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors...

CVE-2016-5572

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors...