3671 matches found
Oracle Database Server Network Authentication AUTH_SESSKEY Buffer Overflow - Ver2 (CVE-2009-1979)
Oracle Database Server is an enterprise-level relational database application suite. A buffer overflow vulnerability exists in the Oracle Database server, the vulnerability is due to an error in the Oracle Database server that fails to sufficiently validate the length field of the AUTHSESSKEY...
PT-2013-1036 · Oracle +5 · Mysql Server +5
Name of the Vulnerable Software and Affected Versions: Oracle MySQL versions 5.5.33 and earlier Oracle MySQL versions 5.6.13 and earlier Description: The issue is related to an error in the Partition component of Oracle MySQL. It allows an authorized user to impact data availability. The...
Oracle Database Server listener Security Bypass Vulnerability
Oracle Database Server is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Oracle Database Patch Info (Windows) (credentialed check)
It was possible to gather database patch information with the supplied credentials. Binary data oraclerdbmspatchinfowin.nbin...
Oracle Database Server Authentication Protocol Security Bypass Vulnerability
Oracle Database Server is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2013-3826
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality via unknown vectors...
CVE-2013-3826
CVE-2013-3826 is mapped to Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 under the Core RDBMS component. The description indicates an unspecified vulnerability allowing remote attackers to affect confidentiality via unknown vectors. The NVD entry assigns a CVSS v2 base score o...
Oracle Database Multiple Vulnerabilities (October 2013 CPU) (BEAST)
The remote Oracle database server is missing the October 2013 Critical Patch Update CPU. It is, therefore, affected by multiple security vulnerabilities in the following components : - Core RDBMS - Oracle Security service - XML Parser %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
JVN#26103805: Oracle Enterprise Manager vulnerable to cross-site scripting
Oracle Enterprise Manager provided by Oracle contains a cross-site scripting vulnerability. Impact An arbitrary script may be executed on the user's web browser. Solution Apply an Update Update to the latest version according to the information provided by the developer. Products Affected...
CVE-2013-3751
Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...
CVE-2013-3789
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...
CVE-2013-3774
Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...
CVE-2013-3790
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors related to Privileged Account...
Design/Logic Flaw
Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...
CVE-2013-3789
CVE-2013-3789 affects Oracle Database Server Core RDBMS. Affected are Oracle Database Server versions 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3. The vulnerability is described as unspecified but allows remote authenticated users to impact confidentiality, integrity, and availability vi...
CVE-2013-3774
Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...
CVE-2013-3751
CVE-2013-3751 is an unspecified vulnerability in the XML Parser component of Oracle Database Server affecting 11.2.0.2, 11.2.0.3, and 12.1.0.1. It allows remote authenticated users to impact confidentiality, integrity, and availability via unknown vectors (CVSS v2 Base Score 9.0). The root cause ...
CVE-2013-3790
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors related to Privileged Account...
NGS00416 Patch Notification: Oracle 11g TNS listener remote Invalid Pointer Read (pre-auth)
High Risk Vulnerability in Oracle Database 11g 1 May 2013 Andy Davis of NCC Group has discovered a High risk vulnerability in Oracle Database 11g Impact: Invalid pointer read Remote DoS Versions affected: Oracle Database 11g Security patch information can be found at the following URL:...