3671 matches found
CVE-2025-30751
Vulnerability in the Oracle Database component of Oracle Database Server. Supported versions that are affected are 19.27 and 23.4-23.8. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to compromis...
Oracle Database Server 访问控制错误漏洞
Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. Oracle Database Server has a security vulnerability in Oracle Database Server JDBC that...
Oracle Database Server 安全漏洞
Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in Oracle Database Materialized View for Oracle Databas...
Oracle Database Server 安全漏洞
Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. Oracle Database Server's Oracle Database has a security vulnerability that can be...
Oracle Database Server 安全漏洞
Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in Unified Audit of Oracle Database Server, which can b...
Oracle MySQL 安全漏洞
Oracle MySQL is an open source relational database management system.MySQL Client is a MySQL client, a program used to communicate with a server to process information in a database managed by the server. A security vulnerability in MySQL Cluster versions 8.0.0 through 8.0.42, 8.4.0 through 8.4.5...
Oracle MySQL 资源管理错误漏洞
Oracle MySQL Server is a relational database from Oracle Corporation. A resource management error vulnerability exists in Oracle MySQL Server that stems from improper access control of the DDL component and can be exploited by an attacker to cause a denial of service...
Oracle MySQL 资源管理错误漏洞
Oracle MySQL Server is a relational database from Oracle Corporation. A resource management error vulnerability exists in Oracle MySQL Server that stems from improper access control of the Optimizer component and can be exploited by an attacker to cause a denial of service...
PT-2025-29624 · Oracle · Oracle Database Server
Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.27 Oracle Database Server versions 21.3 through 21.18 Description: A vulnerability exists within the Java VM component of Oracle Database Server. A low-privileged attacker with Create Session an...
Oracle Database Server 安全漏洞
Oracle Database Server is a set of relational database management system of the United States Oracle Oracle. The database management system provides data management, distributed processing and other functions. A security vulnerability exists in the Java VM of Oracle Database Server, which can be...
PT-2025-29625 · Oracle · Oracle Database Server
Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 23.4 through 23.8 Description: A vulnerability exists within the JDBC component of Oracle Database Server. This difficult-to-exploit issue allows a low-privileged attacker with authenticated OS user privileges ...
PT-2025-29603 · Oracle · Oracle Database +1
Name of the Vulnerable Software and Affected Versions: Oracle Database versions 19.3 through 19.27 Oracle Database versions 23.4 through 23.8 Description: This issue affects the Oracle Database component of Oracle Database Server. A low-privileged attacker with Create Session and Create Procedure...
PT-2025-29621 · Oracle · Oracle Database 23.4 +8
Name of the Vulnerable Software and Affected Versions: Oracle Database versions 19.3 through 19.27 Oracle Database versions 21.3 through 21.18 Oracle Database versions 23.4 through 23.8 Description: This issue affects the Oracle Database Materialized View component. A highly privileged attacker...
PT-2025-29602 · Oracle · Oracle Database Server
Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.27 Oracle Database Server versions 21.3 through 21.18 Oracle Database Server versions 23.4 through 23.8 Description: This issue resides within the Unified Audit component of Oracle Database...
📄 Oracle 23ai / 21c / 19c Privilege Escalation
Oracle versions 23ai, 21c, and 19c suffer from a privilege escalation vulnerability that allows DBA access. Title: Oracle 23ai Privilege Escalation From GRANT ANY ROLE To DBA Role Vendor: Oracle Product: Oracle database system Affected Versions: 23ai , 21c , 19c Risk Level: Medium Author of...
The vulnerability of the Java VM component of the Oracle Database Server management system allows a hacker to gain access to read, modify, or delete data.
The vulnerability of the Java VM component of the Oracle Database Server management system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain read, modify, or delete access to data remotely...
The vulnerability of the RAS Security component of the Oracle Database Server system allows a perpetrator to gain access to read, modify, add, or delete data.
The vulnerability of the RAS Security component of the Oracle Database Server system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain read, modify, add, or delete access to data...
GHSA-PRWH-7838-XF82 XWiki allows SQL injection in query endpoint of REST API with Oracle
Impact It's possible to execute any SQL query in Oracle by using the function like DBMSXMLGEN or DBMSXMLQUERY. The XWiki query validator does not sanitize functions that would be used in a simple select and Hibernate allows using any native function in an HQL query. Patches This has been patched ...
XWiki allows SQL injection in query endpoint of REST API with Oracle
Impact It's possible to execute any SQL query in Oracle by using the function like DBMSXMLGEN or DBMSXMLQUERY. The XWiki query validator does not sanitize functions that would be used in a simple select and Hibernate allows using any native function in an HQL query. Patches This has been patched ...
CVE-2024-56158 XWiki allows SQL injection in query endpoint of REST API with Oracle
XWiki is a generic wiki platform. It's possible to execute any SQL query in Oracle by using the function like DBMSXMLGEN or DBMSXMLQUERY. The XWiki query validator does not sanitize functions that would be used in a simple select and Hibernate allows using any native function in an HQL query. Thi...