Oracle MySQL 安全漏洞

Oracle MySQL is an open source relational database management system from Oracle Corporation, of which MySQL Server is a database server component. A denial of service vulnerability exists in MySQL Server, which can be exploited by an attacker to cause an application to hang or crash frequently a...

PT-2023-9567 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.24 Oracle Database Server versions 21.3 through 21.15 Oracle Database Server versions 23.4 through 23.5 Description: The issue is related to improper authorization in the Database Core Component...

PT-2023-9563 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.24 Oracle Database Server versions 21.3 through 21.15 Oracle Database Server versions 23.4 through 23.5 Description: The issue is related to errors in resource release in the XML Database...

PT-2023-9588 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.24 Oracle Database Server versions 21.3 through 21.15 Oracle Database Server versions 23.4 through 23.5 Description: The issue is related to insufficient protection of internal data due to...

PT-2023-9650 · Oracle · Oracle Database Server

Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.23 Oracle Database Server versions 21.3 through 21.14 Oracle Database Server version 23.4 Description: The issue is related to the Java VM component of Oracle Database Server, where an incorrect...

SUSE CVE-2020-2762

Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.19 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

The vulnerability of the WS_FTP Server server lies in the lack of validation for XML objects’ sequences, which allows an attacker to gain access to read and modify the database.

The vulnerability of the Oracle Database management system is related to the lack of validation for the consistency of XML objects. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to read and modify the database...

Oracle 19c / 21c Sharding Component Password Hash Exposure

Title: CVE-2023-22074 – Oracle database password hash exposure in sharding component Product: Database Manufacturer: Oracle Affected Versions: 19c,21c 19.3-19.20 and 21.3-21.11 Tested Versions: 19c Risk Level: Low Solution Status: Fixed CVE Reference: CVE-2023-22074 Base Score: 2.4 Author of...

The vulnerability of the Oracle Database Recovery Manager component of the Oracle Database Server database management system allows a perpetrator to trigger a service failure.

The vulnerability of the Oracle Database Recovery Manager component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service interruptions...

The vulnerability of the Oracle Notification Server component of the Oracle Database Server database management system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Oracle Notification Server component of the Oracle Database Server database management system is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to protected information...

Oracle Database Server (October 2023 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory. - Vulnerability in the Oracle Spatial and Graph cURL component of Oracle Database Server. Supported versions that are affected are 19.3-19.2...

The vulnerability of the Database Sharding component of the Oracle Database Server system allows a hacker to perform a partial denial-of-service attack.

The vulnerability of the Database Sharding component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to perform a partial denial-of-service attack remotely...

Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows attackers to perform a “denial-of-service” attack.

The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to insufficient validation of input data. Exploiting this vulnerability may allow a malicious actor to execute a DoS Denial-of-Service attack remotely...

The vulnerability of the Database Sharding component of the Oracle Database Server management system allows a hacker to perform a partial service outage.

The vulnerability of the Database Sharding component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause a partial service failure...

The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to read, modify, or delete data.

The vulnerability of the Java VM component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain access to read, modify, or delete data using the Oracle Net network protocol...

Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows attackers to perform a “denial-of-service” attack.

The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to insufficient validation of input data. Exploiting this vulnerability may allow a malicious actor to execute a DoS Denial-of-Service attack remotely...

The vulnerability of the PL/SQL component of the Oracle Database Server allows a hacker to gain unauthorized access to protected data or to modify, add, or delete protected data.

The vulnerability of the PL/SQL component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected data or to modify, add, or delete...

Vulnerabilities fixed in Oracle Database Server

Vulnerabilities have been fixed in Oracle Database Server products. A malicious party can exploit the vulnerabilities to perform attacks that can result in the following categories of damage: Denial-of-Service DoS Manipulation of data Bypassing authentication Bypassing security measure Oracle has...

Oracle WebCenter Portal Multiple Vulnerabilities (October 2023 CPU)

The version of Oracle WebCenter Portal installed on the remote host is missing a security patch from the October 2023 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities: - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component:...

CVE-2023-22096

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromise...