Lucene search
K

3672 matches found

securityvulns
securityvulns
added 2013/05/04 12:0 a.m.70 views

NGS00416 Patch Notification: Oracle 11g TNS listener remote Invalid Pointer Read (pre-auth)

High Risk Vulnerability in Oracle Database 11g 1 May 2013 Andy Davis of NCC Group has discovered a High risk vulnerability in Oracle Database 11g Impact: Invalid pointer read Remote DoS Versions affected: Oracle Database 11g Security patch information can be found at the following URL:...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2013/05/04 12:0 a.m.71 views

NGS00415 Patch Notification: Oracle 11g TNS listener remote Null Pointer Dereference (pre-auth)

High Risk Vulnerability in Oracle Database 11g 1 May 2013 Andy Davis of NCC Group has discovered a High risk vulnerability in Oracle Database 11g Impact: Null Pointer Dereference Remote DoS Versions affected: Oracle Database 11g Security patch information can be found at the following URL:...

0.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2013/04/25 5:26 p.m.2 views

mysql: unspecified vulnerability related to Server Locking (CPU April 2013)

Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier and 5.5.29 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Server Locking...

6.5CVSS6.6AI score0.02243EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/04/25 5:26 p.m.9 views

mysql: unspecified vulnerability related to Server Privileges (CPU April 2013)

Unspecified vulnerability in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors...

6.5CVSS6.9AI score0.02262EPSS
Exploits0References5
NVD
NVD
added 2013/04/17 12:19 p.m.18 views

CVE-2013-1519

Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.1 allows remote attackers to affect integrity via unknown vectors...

5CVSS8.6AI score0.01408EPSS
Exploits0References4
Prion
Prion
added 2013/04/17 12:19 p.m.16 views

Design/Logic Flaw

Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.1 allows remote attackers to affect integrity via unknown vectors...

5CVSS6.4AI score0.01408EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2013/04/17 12:10 p.m.25 views

CVE-2013-1519

Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.1 allows remote attackers to affect integrity via unknown vectors...

8.6AI score0.01408EPSS
Exploits0References4
CVE
CVE
added 2013/04/17 12:10 p.m.99 views

CVE-2013-1534

The CVE-2013-1534 issue affects Oracle Database Server (11.2.0.2/11.2.0.3) Workload Manager when used in RAC setups. The root cause is a vulnerability in the Workload Manager component that could let remote attackers affect confidentiality, integrity, and availability via unknown vectors. Documen...

10CVSS6.1AI score0.03729EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2013/04/17 12:0 a.m.36 views

Oracle Database Multiple Vulnerabilities (April 2013 CPU)

The remote Oracle database server is missing the April 2013 Critical Patch Update CPU and is, therefore, potentially affected by security issues in the following components : - Workload Manager - Network Layer %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc';...

10CVSS5.4AI score0.03729EPSS
Exploits0References4
myhack58
myhack58
added 2013/03/23 12:0 a.m.13 views

Wanda supplier system SQL injection vulnerability-vulnerability warning-the black bar safety net

Brief description: Wanda a sub-Stationsql injection. Sensitive information disclosure. Detailed description: Wanda scm system login boxsql injection. http://www.vans-china.cn/LoginUser?USERNO=%27&PWD=%2 7 5 0 0 error. User name just to lose, suggesting the absence of the user;USERNO=%2 7 and 1=1...

0.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2013/02/26 12:0 a.m.10 views

PT-2013-21: XML External Entities Injection in Oracle Database

The specialists of the Positive Research center have detected an XML External Entities Injection vulnerability in Oracle Database. If an attacker sends specially crafted SQL query containing malformed XML to Oracle Database server, the server will automatically send the contents of remote resourc...

6.4CVSS7.3AI score0.02463EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/02/20 12:0 a.m.35 views

Oracle Application Express (Apex) CVE-2008-4005

An unspecified vulnerability in the Oracle Application Express component of Oracle Database version 11.1.0.6 allows remote, authenticated users to affect confidentiality, integrity, and availability via unpublished vectors...

4.3CVSS5.5AI score0.01039EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2013/02/20 12:0 a.m.57 views

Oracle Application Express (Apex) CVE-2010-0076

An unspecified vulnerability in version 3.2.1 of the Application Express Application Builder component of Oracle Database allows remote, authenticated users to affect confidentiality, integrity, and availability via unpublished vectors...

6CVSS5.5AI score0.0096EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/02/20 12:0 a.m.34 views

Oracle Application Express (Apex) Unspecified Issues (pre 2.2.1)

There are unspecified vulnerabilities in versions prior to version 2.2.1 of the Oracle Application Express component of the Oracle Database. The updated version of Apex contains '35 new security fixes for Oracle Application Express, 25 of which may be remotely exploitable without authentication'...

10CVSS5.4AI score0.0231EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/02/20 12:0 a.m.146 views

Oracle Application Express (Apex) CVE-2012-1708

An unspecified vulnerability in versions 4.0 and 4.1 of the Application Express Apex component of the Oracle Database Server allows remote attackers to affect integrity via unpublished vectors. --------------------------------------------------------------------------------- c Recx Ltd 2009-2012...

4.3CVSS7.2AI score0.02558EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2013/02/20 12:0 a.m.29 views

Oracle Application Express (Apex) Unspecified Issues (pre 3.0.1)

There are unspecified vulnerabilities in versions prior to version 3.0.1 of the Oracle Application Express component of the Oracle Database. --------------------------------------------------------------------------------- c Recx Ltd 2009-2012 http://www.recx.co.uk/ Detection script for multiple...

7.5CVSS5.4AI score0.01952EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2013/02/20 12:0 a.m.37 views

Oracle Application Express (Apex) CVE-2010-0892

An unspecified vulnerability in version 3.2 of the Application Express component of Oracle Database Server allows remote attackers to affect integrity via unknown vectors. --------------------------------------------------------------------------------- c Recx Ltd 2009-2012 http://www.recx.co.uk/...

4.3CVSS5.6AI score0.00941EPSS
Exploits0References4
NVD
NVD
added 2013/01/17 1:55 a.m.13 views

CVE-2013-0366

Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server formerly Oracle Database Lite 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-0361...

10CVSS6AI score0.02534EPSS
Exploits0References4
Prion
Prion
added 2013/01/17 1:55 a.m.21 views

Design/Logic Flaw

Unspecified vulnerability in the Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users with Create Session privileges to affect confidentiality, integrity, and availability via unknown vectors...

9CVSS6AI score0.01969EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2013/01/17 1:30 a.m.75 views

CVE-2012-3220

CVE-2012-3220 is a published vulnerability in Oracle Spatial/GeoRaster within Oracle Database Server (versions 10.2.0.3–11.2.0.3) that exploits a stack-based overflow in the GeoRaster API. The issue allows a remote attacker who can connect to spatially enabled Oracle databases to execute arbitrar...

9CVSS5.8AI score0.01969EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder