Lucene search
K

3671 matches found

Cvelist
Cvelist
added 2013/01/17 1:30 a.m.34 views

CVE-2012-3220

Unspecified vulnerability in the Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users with Create Session privileges to affect confidentiality, integrity, and availability via unknown vectors...

5.6AI score0.01969EPSS
Exploits0References3
Cvelist
Cvelist
added 2013/01/17 1:30 a.m.31 views

CVE-2013-0362

Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server formerly Oracle Database Lite 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality via unknown vectors, a different vulnerability than CVE-2013-0363 and CVE-2013-0364...

5.8AI score0.01468EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2013/01/16 5:1 p.m.30 views

Oracle Patches Java Zero Day Vulnerability

Oracle delivered an unusual emergency patch to Java's critical Zero Day vulnerability on Sunday to fix a malicious bug that allowed hackers access to users web browsers. Exploits for the previously undisclosed flaw were being hosted in a number of exploit kits and attacks have already been seen i...

10CVSS6.9AI score0.97612EPSS
Exploits38
The Hacker News
The Hacker News
added 2013/01/16 6:1 a.m.60 views

Oracle Patches Java Zero Day Vulnerability

Oracle delivered an unusual emergency patch to Java's critical Zero Day vulnerability on Sunday to fix a malicious bug that allowed hackers access to users web browsers. Exploits for the previously undisclosed flaw were being hosted in a number of exploit kits and attacks have already been seen i...

10CVSS0.8AI score0.97612EPSS
Exploits38
Exploit DB
Exploit DB
added 2012/11/15 12:0 a.m.61 views

Oracle Database Client System Analyzer - Arbitrary File Upload (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 /Oracle Containers for J2EE/ include...

7.5CVSS7AI score0.76694EPSS
Exploits4
0day.today
0day.today
added 2012/11/15 12:0 a.m.71 views

Oracle Database Client System Analyzer Arbitrary File Upload

This Metasploit module exploits an arbitrary file upload vulnerability on the Client Analyzer component as included in Oracle Database 11g, which allows remote attackers to upload and execute arbitrary code. This Metasploit module has been tested successfully on Oracle Database 11g 11.2.0.1.0 on...

7.8AI score0.76694EPSS
Exploits4
Packet Storm
Packet Storm
added 2012/11/15 12:0 a.m.66 views

Oracle Database Client System Analyzer Arbitrary File Upload

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 /Oracle Containers for J2EE/ include...

7.5CVSS0.76694EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2012/11/14 8:41 p.m.2 views

mysql: unspecified DoS vulnerability related to InnoDB (CPU Oct 2012)

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.63 and earlier, and 5.5.25 and earlier, allows remote authenticated users to affect availability via unknown vectors related to InnoDB...

4CVSS5.8AI score0.03033EPSS
Exploits0References4
myhack58
myhack58
added 2012/10/29 12:0 a.m.23 views

The latest Oracle Database authentication Protocol security bypass vulnerability-vulnerability warning-the black bar safety net

The Oracle Database was found likely to cause a remote security bypass vulnerability, and impact to its own authentication Protocol. An attacker can exploit this vulnerability to bypass the database authentication to access the database from unauthorized access. Affected versions: Oracle Database...

1.1AI score
Exploits0
myhack58
myhack58
added 2012/10/25 12:0 a.m.28 views

Oracle database to bypass login authentication-vulnerability warning-the black bar safety net

And a while back that phpmyadmin to bypass the verification is somewhat similar. An attacker can exploit this vulnerability to bypass authentication process and gain unauthorized access to the database. 1. --coding:utf8 -- 2. 3. import hashlib 4. from Crypto. Cipher import AES 5. 6. def...

1.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2012/10/23 12:0 a.m.97 views

Oracle Database Multiple Vulnerabilities (October 2012 CPU)

The remote Oracle database server is missing the October 2012 Critical Patch Update CPU and is, therefore, potentially affected by security issues in the Core RDBMS. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...

6.5CVSS8.3AI score0.31437EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2012/10/19 12:0 a.m.15 views

Oracle MySQL Server 5.1.x < 5.1.67 Multiple Vulnerabilities

Binary data 6675.prm...

6.8CVSS7.3AI score0.24564EPSS
Exploits4References12
Packet Storm
Packet Storm
added 2012/10/18 12:0 a.m.61 views

Oracle Database Authentication Protocol Security Bypass

Oracle Database is prone to a remote security-bypass vulnerability that affects the authentication protocol. An attacker can exploit this issue to bypass the authentication process and gain unauthorized access to the database. This vulnerability affects Oracle Database 11g Release 1 and 11g Relea...

6.4CVSS0.5AI score0.31437EPSS
Exploits4
Exploit DB
Exploit DB
added 2012/10/18 12:0 a.m.62 views

Oracle Database - Protocol Authentication Bypass

source: https://www.securityfocus.com/bid/55651/info Oracle Database is prone to a remote security-bypass vulnerability that affects the authentication protocol. An attacker can exploit this issue to bypass the authentication process and gain unauthorized access to the database. This vulnerabilit...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2012/10/18 12:0 a.m.23 views

Oracle Database - Protocol Authentication Bypass

Oracle Database - Protocol Authentication Bypass source: https://www.securityfocus.com/bid/55651/info Oracle Database is prone to a remote security-bypass vulnerability that affects the authentication protocol. An attacker can exploit this issue to bypass the authentication process and gain...

0.4AI score
Exploits0
NVD
NVD
added 2012/09/21 11:55 p.m.23 views

CVE-2012-3137

The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force...

6.4CVSS6.4AI score0.31437EPSS
Exploits4References8
Cvelist
Cvelist
added 2012/09/21 11:0 p.m.30 views

CVE-2012-3137

The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force...

6.3AI score0.31437EPSS
Exploits4References8
ThreatPost
ThreatPost
added 2012/09/20 1:53 p.m.6 views

Flaw in Oracle Logon Protocol Leads to Easy Password Cracking

There is a serious vulnerability in the authentication protocol used by some Oracle databases, a flaw that could enable a remote attacker to brute-force a token provided by the server prior to authentication and determine a user’s password. The attacker could then log on as an authenticated user...

0.8AI score
Exploits0References1
Prion
Prion
added 2012/08/10 11:55 p.m.18 views

Sql injection

SQL injection vulnerability in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to execute arbitrary SQL commands via vectors involving CREATE INDEX with a CTXSYS.CONTEXT INDEXTYPE and DBMSSTATS.GATHERTABLESTATS...

6.5CVSS7.9AI score0.01822EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2012/08/10 11:0 p.m.26 views

CVE-2012-3132

SQL injection vulnerability in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to execute arbitrary SQL commands via vectors involving CREATE INDEX with a CTXSYS.CONTEXT INDEXTYPE and DBMSSTATS.GATHERTABLESTATS...

7.3AI score0.01822EPSS
Exploits0References8
Rows per page
Query Builder