Lucene search
K

3672 matches found

Cvelist
Cvelist
added 2014/10/15 3:15 p.m.32 views

CVE-2014-4295

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4294, CVE-2014-6538, and CVE-2014-6563...

5.4AI score0.01454EPSS
Exploits0References2
CVE
CVE
added 2014/10/15 3:15 p.m.89 views

CVE-2014-6453

Technical details about CVE-2014-6453 are not publicly available in the provided documents; no specifics on affected product versions, root cause, or exploit info are given. Monitor for updates.

9CVSS5.7AI score0.02457EPSS
Exploits0References2Affected Software1
0day.today
0day.today
added 2014/09/11 12:0 a.m.47 views

Oracle GENERATESCHEMA Buffer Overflow Exploit

This Exploit a buffer overflow in Oracle10g. When sending a specially formatted query to the GENERATESCHEMA function in the XDB.DBMSXMLSCHEMA package, an attacker may be able to execute arbitrary code. NOTE: For targets running DEP, you will need to choose target 0 then rexploit with target 1. Th...

7.8AI score
Exploits0
NVD
NVD
added 2014/08/20 11:17 a.m.32 views

CVE-2014-2520

EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07, when Oracle Database is used, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and read sensitive database content via a crafted request...

6.3CVSS8.1AI score0.01709EPSS
Exploits1References5
Cvelist
Cvelist
added 2014/08/20 10:0 a.m.34 views

CVE-2014-2520

EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07, when Oracle Database is used, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL injection attacks and read sensitive database content via a crafted request...

8.1AI score0.01709EPSS
Exploits1References5
The Hacker News
The Hacker News
added 2014/08/09 12:16 a.m.12 views

Researcher Uncovers Vulnerability Oracle Data Redaction Security Feature

Oracle’s newly launched Data Redaction security feature in Oracle Database 12c can be easily disrupted by an attacker without any need to use exploit code, a security researcher long known as a thorn in Oracle's side said at Defcon. Data Redaction is one of the new Advanced Security features...

8.1AI score
Exploits0
OSV
OSV
added 2014/07/18 1:49 p.m.5 views

SUSE-SU-2015:0907-1 Security update for oracle-update

This critical patch update contains 5 security fixes for the Oracle Database Server. One of the vulnerabilities could have been exploited over the network without a valid username and password. Security Issues: CVE-2013-3751 CVE-2013-3774 CVE-2014-4236 CVE-2014-4237 CVE-2014-4245...

9CVSS6.6AI score0.03672EPSS
Exploits1References14
OSV
OSV
added 2014/07/18 1:49 p.m.9 views

SUSE-SU-2015:0498-2 Security update for oracle-update

This critical patch update contains 5 security fixes for the Oracle Database Server. One of the vulnerabilities could have been exploited over the network without a valid username and password. Security Issues: CVE-2013-3751 CVE-2013-3774 CVE-2014-4236 CVE-2014-4237 CVE-2014-4245...

9CVSS6.6AI score0.03672EPSS
Exploits1References14
OSV
OSV
added 2014/07/18 9:38 a.m.8 views

SUSE-SU-2015:0498-1 Security update for oracle-update

This critical patch update contains 5 security fixes for the Oracle Database Server. One of the vulnerabilities could have been exploited over the network without a valid username and password. Security Issues: CVE-2013-3751 CVE-2013-3774 CVE-2014-4236 CVE-2014-4237 CVE-2014-4245...

10CVSS6.8AI score0.31437EPSS
Exploits6References48
NVD
NVD
added 2014/07/17 11:17 a.m.25 views

CVE-2014-4236

Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.2.0.4 and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

6.5CVSS5.5AI score0.0245EPSS
Exploits0References9
Prion
Prion
added 2014/07/17 11:17 a.m.26 views

Design/Logic Flaw

Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.2.0.4 and 12.1.0.1 allows remote authenticated users to affect confidentiality via unknown vectors...

4CVSS5.7AI score0.02527EPSS
Exploits1References9Affected Software1
OSV
OSV
added 2014/07/17 11:17 a.m.4 views

UBUNTU-CVE-2014-4240

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows local users to affect confidentiality and integrity via vectors related to SRREP...

3.6CVSS6.7AI score0.00414EPSS
Exploits0References3
Cvelist
Cvelist
added 2014/07/17 10:0 a.m.30 views

CVE-2014-4237

Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.2.0.4 and 12.1.0.1 allows remote authenticated users to affect confidentiality via unknown vectors...

5.4AI score0.02527EPSS
Exploits1References9
Cvelist
Cvelist
added 2014/07/17 10:0 a.m.33 views

CVE-2014-4245

Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality via unknown vectors...

5.4AI score0.01945EPSS
Exploits0References10
CVE
CVE
added 2014/07/17 10:0 a.m.69 views

CVE-2014-4245

CVE-2014-4245 is an unspecified vulnerability in the RDBMS Core of Oracle Database Server affecting 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1. The impact is limited to confidentiality and requires remote authenticated access; vectors are unknown. CVSS v2 base score reported as 3.5 (low). Public ...

3.5CVSS5.5AI score0.01945EPSS
Exploits0References10Affected Software1
Tenable Nessus
Tenable Nessus
added 2014/07/16 12:0 a.m.38 views

Oracle Database Multiple Vulnerabilities (July 2014 CPU)

The remote Oracle database server is missing the July 2014 Critical Patch Update CPU. It is, therefore, affected by security issues in the following components : - XML Parser - Network Layer - RDBMS Core %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

9CVSS5.3AI score0.03672EPSS
Exploits1References6
ThreatPost
ThreatPost
added 2014/07/14 12:45 p.m.17 views

Oracle July 2014 Critical Patch Update

Never one to skimp on patches, Oracle is expected to release 113 of them tomorrow as part of its quarterly Critical Patch Update. The company also clarified that Java 7 versions will continue to work on the end-of-life Microsoft Windows XP platform and Oracle security updates for Java on XP...

2.5AI score
Exploits0References2
Kitploit
Kitploit
added 2014/07/05 5:15 p.m.50 views

ODAT - Oracle Database Attacking Tool

ODAT Oracle Database Attacking Tool is an open source penetration testing tool that test the security of Oracle Databases remotely. Usage examples of ODAT: You have an Oracle database listening remotely and want to find valid SIDs and credentials in order to connect to the database You have a val...

7.3AI score
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.20 views

Oracle 9i/10g Database Network Foundation Remote Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35684/info Oracle Database is prone to a remote vulnerability in Network Foundation. The vulnerability can be exploited over the 'Oracle Net' protocol. An attacker doesn't require privileges to exploit this vulnerability...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

Oracle 10g Database SUBSCRIPTION_NAME Remote SQL Injection Vulnerability (1)

No description provided by source. source: http://www.securityfocus.com/bid/13236/info Oracle database is prone to an SQL-injection vulnerability because the software fails to properly sanitize user-supplied data. The 'SUBSCRIPTIONNAME' parameter is vulnerable. Packages that employ this parameter...

7.1AI score
Exploits0
Rows per page
Query Builder