CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Saint•added 2006/12/18 12:0 a.m.•19 views

Oracle MD2 component SDO_CODE_SIZE buffer overflow

7.2CVSS9.6AI score0.02672EPSS

Saint•added 2006/11/07 12:0 a.m.•40 views

Oracle Security Component sys.pbsde buffer overflow

Added: 11/07/2006 CVE: CVE-2005-3438 BID: 15134 OSVDB: 20612 Background pbsde is a package of stored procedures which is part of the base installation of Oracle Database. Problem A buffer overflow in the sys.pbsde.init procedure allows database users to execute arbitrary commands. Resolution Appl...

10CVSS7.3AI score0.05866EPSS

Saint•added 2006/11/07 12:0 a.m.•30 views

Oracle Security Component sys.pbsde buffer overflow

10CVSS7.3AI score0.05866EPSS

Saint•added 2006/11/07 12:0 a.m.•41 views

Oracle Security Component sys.pbsde buffer overflow

10CVSS7.3AI score0.05866EPSS

Saint•added 2006/11/03 12:0 a.m.•37 views

Oracle XML Component DBMS_XMLSCHEMA.GENERATESCHEMA buffer overflow

Added: 11/03/2006 CVE: CVE-2006-0272 BID: 16287 OSVDB: 22567 Background Oracle Database Server includes the DBMSXMLSCHEMA component, which contains procedures for managing XML schemas. Problem A buffer overflow vulnerability in the DBMSXMLSCHEMA.GENERATESCHEMA procedure allows database users to...

9CVSS7.5AI score0.05819EPSS

Saint•added 2006/11/03 12:0 a.m.•31 views

Oracle XML Component DBMS_XMLSCHEMA.GENERATESCHEMA buffer overflow

9CVSS7.5AI score0.05819EPSS

Saint•added 2006/10/26 12:0 a.m.•42 views

Oracle Spatial component SDO_CS.TRANSFORM_LAYER buffer overflow

Added: 10/26/2006 CVE: CVE-2006-5344 BID: 20588 OSVDB: 31462 Background The Oracle Spatial formerly SDO component of Oracle Database provides a set of functions which process multi-dimensional data. Problem A buffer overflow in the Oracle Spatial component allows an attacker with EXECUTE privileg...

9CVSS7.2AI score0.03598EPSS

Saint•added 2006/10/26 12:0 a.m.•30 views

Oracle Spatial component SDO_CS.TRANSFORM_LAYER buffer overflow

9CVSS7.2AI score0.03598EPSS

seebug.org•added 2006/10/25 12:0 a.m.•20 views

Oracle 2006年10月更新修复多个安全漏洞

Oracle Database是一款商业性质大型数据库系统。 Oracle发布了2006年10月的紧急补丁更新公告，修复了多个Oracle产品中的多个漏洞。这些漏洞影响Oracle产品的所有安全属性，可导致本地和远程的威胁。其中一些漏洞可能需要各种级别的授权，但也有些不需要任何授权。最严重的漏洞可能导致完全入侵数据库系统。目前已知的漏洞包括： 1 以下软件包在处理SQL查询时存在SQL注入漏洞： DBMSXDBZ SDODROPUSERBEFORE MD2 DBMSCDCIMPDP DBMSCDCIPUBLISH DBMSCDCISUBSCRIBE DBMSSQLTUNE...

6.8AI score

Exploits0

NVD•added 2006/10/18 1:7 a.m.•16 views

CVE-2006-5335

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.2 have unknown impact and remote authenticated attack vectors related to 1 Vuln DB04 and sys.dbmscdcimpdp in the a Change Data Capture CDC component; 2 Vuln DB07, 3 DB08, and 4 DB16 in sys.dbmscdcisubscribe in CDC; and 5...

9CVSS7AI score0.02777EPSS

Exploits0References12

NVD•added 2006/10/18 1:7 a.m.•15 views

CVE-2006-5334

Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and remote authenticated attack vectors related to mdsys.md2, aka Vuln DB03. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB03 is...

7.1CVSS7.2AI score0.03067EPSS

NVD•added 2006/10/18 1:7 a.m.•16 views

CVE-2006-5336

Multiple unspecified vulnerabilities in the Change Data Capture CDC component in Oracle Database 9.2.0.7, 10.1.0.5, and have unknown impact and remote authenticated attack vectors related to 1 sys.dbmscdcipublish Vuln DB05 and 2 sys.dbmscdcisubscribe DB06. NOTE: as of 20061023, Oracle has not...

9CVSS7AI score0.02777EPSS

Exploits0References12

NVD•added 2006/10/18 1:7 a.m.•20 views

CVE-2006-5332

Unspecified vulnerability in xdb.dbmsxdbz in the XMLDB component for Oracle Database 9.2.0.6 and 10.1.0.4 has unknown impact and remote authenticated attack vectors, aka Vuln DB01. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB01 is for PL/SQL injection ...

9CVSS6.4AI score0.04459EPSS

Exploits0References13

NVD•added 2006/10/18 1:7 a.m.•19 views

CVE-2006-5338

Unspecified vulnerability in the Core RDBMS component in Oracle Database 10.1.0.5 has unknown impact and remote authenticated attack vectors related to sys.dbmssqltune, aka Vuln DB10. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB10 is for SQL injection ...

9CVSS6.7AI score0.02525EPSS

Exploits0References12

NVD•added 2006/10/18 1:7 a.m.•21 views

CVE-2006-5341

Multiple unspecified vulnerabilities in XMLDB component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.2 have unknown impact and remote authenticated attack vectors, aka 1 Vuln DB14 and 2 DB15 related to xdb.dbmsxdbz. NOTE: as of 20061023, Oracle has not disputed reports from reliable third...

9CVSS7.1AI score0.0302EPSS

Exploits0References13

NVD•added 2006/10/18 1:7 a.m.•14 views

CVE-2006-5342

Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.6, and 10.1.0.3 has unknown impact and remote authenticated attack vectors related to mdsys.sdotune, aka Vuln DB18. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB18...

7.1CVSS6.6AI score0.02152EPSS

NVD•added 2006/10/18 1:7 a.m.•12 views

CVE-2006-5344

Multiple unspecified vulnerabilities in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 have unknown impact and remote authenticated attack vectors related to 1 mdsys.sdo3gl, aka Vuln DB20, and 2 mdsys.sdocs, aka DB21. NOTE: as of 20061023, Oracle has not...

9CVSS7.4AI score0.03598EPSS

Exploits4References10

NVD•added 2006/10/18 1:7 a.m.•19 views

CVE-2006-5343

Unspecified vulnerability in Database Scheduler component in Oracle Database 10.1.0.3 has unknown impact and remote authenticated attack vectors related to sys.dbmsscheduler, aka Vuln DB19...

9CVSS5.7AI score0.03092EPSS

Cvelist•added 2006/10/18 1:0 a.m.•16 views

CVE-2006-5334

7.2AI score0.03067EPSS