3671 matches found
CVE-2024-21126
Vulnerability in the Oracle Database Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 19.3-19.23 and 21.3-21.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via DNS to compromise Oracle Database Portable...
CVE-2024-21123
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions that are affected are 19.3-19.23. Easily exploitable vulnerability allows high privileged attacker having SYSDBA privilege with logon to the infrastructure where Oracle Database Core executes to...
CVE-2024-21123
Vulnerability in the Oracle Database Core component of Oracle Database Server. Supported versions that are affected are 19.3-19.23. Easily exploitable vulnerability allows high privileged attacker having SYSDBA privilege with logon to the infrastructure where Oracle Database Core executes to...
CVE-2024-21184
CVE-2024-21184 relates to the Oracle Database Server, specifically the RDBMS Security component. Connected sources confirm affected software: Oracle Database Server versions 19.3–19.23 with a privilege-management flaw that can be exploited by a high-privilege attacker who has Execute on SYS.XS_DI...
CVE-2024-21174
CVE-2024-21174 affects Oracle Database Server's Java VM component across 19.3–19.23, 21.3–21.14, and 23.4. The root cause is improper resource clearance/release in the Java VM, allowing a low-privileged attacker with Create Session and Create Procedure privileges and network access via Oracle Net...
CVE-2024-21126
CVE-2024-21126 affects Oracle Database Server’s portable clusterware component. The issue stems from insufficient input validation in Oracle Database Portable Clusterware, allowing an unauthenticated attacker with network access via DNS to compromise the component and potentially cause a partial ...
CVE-2024-21123
The CVE-2024-21123 issue affects Oracle Database Server (Oracle Database Core). Affected versions are 19.3 through 19.23. The root cause is insufficient input validation in the Oracle Database Core component, enabling a high-privileged attacker with SYSDBA privileges to compromise the Core when l...
Oracle MySQL 安全漏洞
Oracle MySQL Server is a relational database from Oracle Corporation. A security vulnerability exists in Oracle MySQL Server, which can be exploited by attackers to cause MySQL Server to hang without authorization or crash frequently and repeatedly full DOS...
PT-2024-4993 · Oracle · Oracle Database Server
Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.23 Description: The issue is related to insufficient input validation in the Oracle Database Core component. This allows a high-privileged attacker with SYSDBA privilege and logon access to the...
PT-2024-4992 · Oracle · Oracle Database Server +1
Name of the Vulnerable Software and Affected Versions: Oracle Database Server versions 19.3 through 19.23 Oracle Database Server versions 21.3 through 21.14 Description: The issue is related to insufficient input validation in the Oracle Database Portable Clusterware component, allowing an...
Oracle Database Password Hash Unauthorized Access
Title: CVE-2020-2969 – Unauthorized Access to Password Hashes by Account with DBA role Product: Database Manufacturer: Oracle Affected Versions: 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, 19c Tested Versions: 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, 19c Risk Level: Medium Solution Status: Fixed CVE Reference:...
The vulnerability of the Oracle Database Sharding component of the Oracle Database Server management system allows a hacker to trigger a service failure.
The vulnerability of Oracle Database Sharding in the Oracle Database Server database management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to cause service interruptions...
The vulnerability of the RDBMS component of the database management system Oracle Database Server allows a hacker to gain unauthorized access to protected information.
The vulnerability of the RDBMS component of the database management system, Oracle Database Server, is related to the disclosure of information. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the Unified Audit component of the Oracle Database Server system allows a perpetrator to gain access to read, modify, add, or delete data.
The vulnerability of the Unified Audit component of the Oracle Database Server management system is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker operating remotely to gain access to read, modify, add, or delete data...
Vulnerability of the Server component: The Optimizer component of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the Oracle MySQL Server component of the database management system’s optimizer is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the MySQL protocol...
Vulnerability of the Server component: The Audit Plug-in of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the Server component: The Audit Plug-in of the Oracle MySQL Server database management system is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the MySQL protocol...
Vulnerability of the Server component: The DML of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the Oracle MySQL Server component is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service interruptions using the MySQL protocol...
Vulnerability of the Server component: The Oracle MySQL Server database management system’s DDL functions allow a hacker to cause a service failure.
Vulnerability of the Server component: The DDL system for managing databases, Oracle MySQL Server, has vulnerabilities related to inadequate access control. Exploitation of these vulnerabilities could allow an attacker to cause service interruptions using the MySQL protocol...
Vulnerability of the Server component: The DML of the Oracle MySQL Server database management system, which allows a hacker to cause a service failure.
The vulnerability of the Oracle MySQL Server component is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to cause service interruptions using the MySQL protocol...
CVE-2024-23551 HCL BigFix Compliance is potentially affected by Oracle database credentials stored at endpoint
Database scanning using username and password stores the credentials in plaintext or encoded format within files at the endpoint. This has been identified as a significant security risk. This will lead to exposure of sensitive information for unauthorized access, potentially leading to severe...