3672 matches found
NGS00416 Patch Notification: Oracle 11g TNS listener remote Invalid Pointer Read (pre-auth)
High Risk Vulnerability in Oracle Database 11g. 1 May 2013. Andy Davis of NCC Group has discovered a high-risk vulnerability in Oracle Database 11g. Impact: invalid pointer read, remote DoS. Versions affected: Oracle Database 11g. Security patch information can be found at the following URL:...
NGS00415 Patch Notification: Oracle 11g TNS listener remote Null Pointer Dereference (pre-auth)
High Risk Vulnerability in Oracle Database 11g. 1 May 2013. Andy Davis of NCC Group has discovered a high-risk vulnerability in Oracle Database 11g. Impact: null pointer dereference, remote DoS. Versions affected: Oracle Database 11g. Security patch information can be found at the following URL:...
mysql: unspecified vulnerability related to Server Locking (CPU April 2013)
Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking...
mysql: unspecified vulnerability related to Server Privileges (CPU April 2013)
Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...
CVE-2013-1519
Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.1 allows remote attackers to affect integrity via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.1 allows remote attackers to affect integrity via unknown vectors...
CVE-2013-1534
The CVE-2013-1534 issue affects Oracle Database Server (11.2.0.2/11.2.0.3) Workload Manager when used in RAC setups. The root cause is a vulnerability in the Workload Manager component that could let remote attackers affect confidentiality, integrity, and availability via unknown vectors. Documen...
Oracle Database Multiple Vulnerabilities (April 2013 CPU)
The remote Oracle database server is missing the April 2013 Critical Patch Update (CPU) and is, therefore, potentially affected by security issues in the following components: Workload Manager, Network Layer. © Tenable Network Security, Inc....
Wanda supplier system SQL injection vulnerability - vulnerability warning - the black bar safety net
Brief description: SQL injection in a Wanda sub-station. Sensitive information disclosure. Detailed description: SQL injection in the Wanda SCM system login box. http://www.vans-china.cn/LoginUser?USERNO=%27&PWD=%27 500 error. Entering an arbitrary user name returns a message that the user does not exist; USERNO=%27 and 1=1...
PT-2013-21: XML External Entities Injection in Oracle Database
The specialists of the Positive Research center have detected an XML External Entities Injection vulnerability in Oracle Database. If an attacker sends a specially crafted SQL query containing malformed XML to the Oracle Database server, the server will automatically send the contents of remote resourc...
Oracle Application Express (Apex) CVE-2008-4005
An unspecified vulnerability in the Oracle Application Express component of Oracle Database version 11.1.0.6 allows remote, authenticated users to affect confidentiality, integrity, and availability via unpublished vectors...
Oracle Application Express (Apex) CVE-2010-0076
An unspecified vulnerability in version 3.2.1 of the Application Express Application Builder component of Oracle Database allows remote, authenticated users to affect confidentiality, integrity, and availability via unpublished vectors...
Oracle Application Express (Apex) Unspecified Issues (pre 2.2.1)
There are unspecified vulnerabilities in versions prior to version 2.2.1 of the Oracle Application Express component of the Oracle Database. The updated version of Apex contains '35 new security fixes for Oracle Application Express, 25 of which may be remotely exploitable without authentication'...
Oracle Application Express (Apex) CVE-2012-1708
An unspecified vulnerability in versions 4.0 and 4.1 of the Application Express (Apex) component of the Oracle Database Server allows remote attackers to affect integrity via unpublished vectors. © Recx Ltd 2009-2012...
Oracle Application Express (Apex) Unspecified Issues (pre 3.0.1)
There are unspecified vulnerabilities in versions prior to version 3.0.1 of the Oracle Application Express component of the Oracle Database. © Recx Ltd 2009-2012 http://www.recx.co.uk/ Detection script for multiple...
Oracle Application Express (Apex) CVE-2010-0892
An unspecified vulnerability in version 3.2 of the Application Express component of Oracle Database Server allows remote attackers to affect integrity via unknown vectors. © Recx Ltd 2009-2012 http://www.recx.co.uk/...
CVE-2013-0366
Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-0361...
Design/Logic Flaw
Unspecified vulnerability in the Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users with Create Session privileges to affect confidentiality, integrity, and availability via unknown vectors...
CVE-2012-3220
CVE-2012-3220 is a published vulnerability in Oracle Spatial/GeoRaster within Oracle Database Server (versions 10.2.0.3–11.2.0.3) that exploits a stack-based overflow in the GeoRaster API. The issue allows a remote attacker who can connect to spatially enabled Oracle databases to execute arbitrar...