3671 matches found
Oracle Database Server 安全漏洞
Oracle Database Server is a relational database management system from Oracle Corporation USA. This database management system provides data management, distributed processing, and other functions. A security vulnerability exists in the Java VM of Oracle Database Server. An attacker exploiting th...
Oracle Database Server 安全漏洞
Oracle Database Server is a relational database management system from Oracle Corporation USA. The database management system provides data management, distributed processing, and other functions. A security vulnerability exists in Oracle Database Core for Oracle Database Server. An attacker coul...
Oracle Database Server 安全漏洞
Oracle Database Server is a relational database management system from the American company Oracle. The database management system provides data management, distributed processing, and other functions. A security vulnerability exists in Oracle Database Server's XML Database. An attacker exploitin...
Oracle Database Detection Consolidation
Consolidation of Oracle Database detections. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only include"pluginfeedinfo.inc"; ifdescription...
Oracle DB SQL Injection Via SYS.DBMS_CDC_SUBSCRIBE.ACTIVATE_SUBSCRIPTION
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSCDCSUBSCRIBE.ACTIVATESUBSCRIPTION', 'Description' = %q This module will escalate an Oracle DB user to DBA by...
Oracle DB SQL Injection Via SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.DBMSCDCIPUBLISH.ALTERHOTLOGINTERNALCSOURCE', 'Description' = %q The module exploits an sql injection flaw in the...
Oracle DB SQL Injection Via SYS.LT.COMPRESSWORKSPACE
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Oracle DB SQL Injection via SYS.LT.COMPRESSWORKSPACE', 'Description' = %q This module exploits an sql injection flaw in the COMPRESSWORKSPACE...
Oracle Database 12c Release 1 - Unquoted Service Path Vulnerability
Exploit Title: Oracle Database 12c Release 1 - Unquoted Service Path Exploit Author: Milad Karimi Ex3ptionaL Contact: email protected Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage: https://www.oracle.com/ Software Link:...
Oracle Database 12c Release 1 - Unquoted Service Path
Exploit Title: Oracle Database 12c Release 1 - Unquoted Service Path Date: 2024-07-31 Exploit Author: Milad Karimi Ex3ptionaL Contact: [email protected] Zone-H: www.zone-h.org/archive/notifier=Ex3ptionaL MiRROR-H: https://mirror-h.org/search/hacker/49626/ Vendor Homepage:...
Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...
The vulnerability of the Oracle Database Core component of the Oracle Database Server management system allows a hacker to gain access to modify, add, or delete data.
The vulnerability of the Oracle Database Core component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to modify, add, or delete data...
The vulnerability of the Oracle Database Portable Clusterware component of the Oracle Database Server database management system allows a attacker to cause a service failure.
The vulnerability of the Oracle Database Portable Clusterware component of the Oracle Database Server management system exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause service interruptions remotely...
The vulnerability of the Java VM component of the Oracle Database Server system allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the Java VM component of the Oracle Database Server management system is related to the disclosure of information. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
Oracle Database Server (Jul 2024 CPU)
The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory. - Netty project is an event-driven asynchronous network application framework. In versions prior to 4.1.86.Final, a StackOverflowError can be...
Oracle Critical Patch Update, July 2024 Security Update Review
Oracle released its third quarterly edition of Critical Patch Update, which contains patches for 386 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in various product families, including third-part...
Vulnerabilities fixed in Oracle Database Server
Vulnerabilities have been fixed in Oracle Database Server. A malicious party can exploit the vulnerabilities to carry out attacks that can result in the following categories of damage: Denial-of-Service DoS. Access to sensitive data Manipulation of data Circumvention of security measure Oracle ha...
CVE-2024-21184
Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Supported versions that are affected are 19.3-19.23. Easily exploitable vulnerability allows high privileged attacker having Execute on SYS.XSDIAG privilege with network access via Oracle Net to compromise...
CVE-2024-21184
Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Supported versions that are affected are 19.3-19.23. Easily exploitable vulnerability allows high privileged attacker having Execute on SYS.XSDIAG privilege with network access via Oracle Net to compromise...
CVE-2024-21174
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.23, 21.3-21.14 and 23.4. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to...
CVE-2024-21174
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.23, 21.3-21.14 and 23.4. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via Oracle Net to...