3671 matches found
Design/Logic Flaw
Vulnerability in the Oracle Database Recovery Manager component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local SYSDBA privilege with network access via Oracle Net to compromise Oracle...
Design/Logic Flaw
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows low privileged attacker having User Account privilege with network access via TLS to compromise Java VM. Successful attacks of this...
UBUNTU-CVE-2023-21911
Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.32 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...
CVE-2023-21934
The CVE-2023-21934 issue affects Oracle Database Server (Java VM component) in 19c and 21c. The root cause is described in connected sources as insufficient input validation in the Java VM, enabling a low-privileged user with network access via TLS to compromise the Java VM and potentially read, ...
PT-2023-2526 · Oracle · Oracle Database Server
Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19c and 21c Description: The issue is related to insufficient input validation in the Java VM component of the Oracle Database Server. This can be exploited by a remote attacker to gain read, modify, add, or...
Oracle MySQL Security Vulnerability
Oracle MySQL Server is a relational database from Oracle Corporation. Oracle MySQL Server has a security vulnerability that can be exploited by attackers to cause a takeover of MySQL Server...
Oracle Database Server Security Vulnerability
Oracle Database Server is a relational database management system from Oracle Corporation of the United States. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in Oracle Database Server versions 19c and 21c. An...
PT-2023-22785 · Archery · Archery
Name of the Vulnerable Software and Affected Versions: Archery affected versions not specified Description: The Archery project contains multiple SQL injection vulnerabilities that may allow an attacker to query the connected databases. User input coming from the db name in the sql/data...
PT-2023-2642 · Oracle · Oracle Database Server
Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19c through 21c Description: The issue exists due to insufficient input validation in the Oracle Database Recovery Manager component of Oracle Database Server. This can be exploited by a remote attacker to caus...
Oracle Database Server Security Vulnerability
Oracle Database Server is a relational database management system from Oracle Corporation of the United States. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in Oracle Database Server versions 19c and 21c. An...
Oracle DB Broken PDB Isolation / Metadata Exposure Vulnerability
Proof of concept details for Oracle database versions 12.1.0.2, 12.2.0.1, 18c, and 19c that had a PDB isolation vulnerability allowing viewing of metadata for a different database within the same container. Title: CVE-2021-2173 – PDB Isolation is broken through metadata exposure Product: Database...
Oracle Database 19c Access Bypass Vulnerability
Oracle Database Vault had a flaw that would allow unauthorized privileged users to extract data from a protected table. Oracle 19c versions 19.18 and below are affected. Fixed in the Oracle Critical Patch Update October 2022. Title: Oracle Database Vault Protected Table With Realm Data Extraction...
K11100332: Multiple Oracle Database Server vulnerabilities
Security Advisory Description CVE-2016-3479 Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. CVE-2016-3484 Unspecified vulnerability in the Database Vault component i...
K15892: Oracle Database Server vulnerabilities CVE-2013-3751, CVE-2013-3774, CVE-2014-4236, CVE-2014-4237, and CVE-2014-4245
Security Advisory Description CVE-2013-3751 Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. CVE-2013-3774 Unspecified...
SUSE CVE-2011-0830
Unspecified vulnerability in the Event Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, and 10.2.0.4, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect integrity via unknown vectors related to Rules Management UI...
SUSE CVE-2011-0822
Unspecified vulnerability in the Streams, AQ & Replication Mgmt component in Oracle Database Server 10.1.0.5 and 10.2.0.3, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...
SUSE CVE-2012-0486
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.x allows remote authenticated users to affect availability via unknown vectors, a different vulnerability than CVE-2012-0117, CVE-2012-0487, CVE-2012-0488, CVE-2012-0489, CVE-2012-0491, CVE-2012-0493, and CVE-2012-0495...
SUSE CVE-2012-0510
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, and 11.1.0.7 allows remote attackers to affect integrity and availability via unknown vectors...
SUSE CVE-2012-0511
Unspecified vulnerability in the OCI component in Oracle Database Server 10.2.0.3, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect confidentiality and integrity via unknown vectors...
SUSE CVE-2012-0519
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.2, when running on Windows, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...