Lucene search
+L

171 matches found

RedHat Linux
RedHat Linux
added 2016/03/01 2:44 p.m.6 views

openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers

It was discovered that the SSLv2 protocol implementation in OpenSSL did not properly implement the Bleichenbacher protection for export cipher suites. An attacker could use a SSLv2 server using OpenSSL as a Bleichenbacher oracle...

5.9CVSS6.8AI score0.06903EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2015/11/23 12:39 p.m.6 views

OpenJDK: inefficient use of hash tables and lists during XML parsing (JAXP, 8068842)

Unspecified vulnerability in Oracle Java SE 6u101, 7u85, and 8u60; Java SE Embedded 8u51; and JRockit R28.3.7 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2015-4893 and CVE-2015-4911...

5CVSS7.3AI score0.05288EPSS
Exploits0References5
Cvelist
Cvelist
added 2015/10/21 11:0 p.m.27 views

CVE-2015-4863

Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors...

8.3AI score0.03092EPSS
Exploits0References2
seebug.org
seebug.org
added 2015/05/18 12:0 a.m.98 views

某通用型电子采购系统Oracle盲注漏洞

简要描述: 捡漏啊 详细说明: 前人有经验: WooYun: 某通用型电子采购平台SQL注射(涉及大量企业) 厂商: http://www.1caitong.com/ 北京网达信联科技发展有限公司 SQL注入点: /GetPassWord.aspx POST参数txtUserName存在注入 Case: http://eps.umgg.com.cn/GetPassWord.aspx http://ygcg.xuangang.com.cn/GetPassWord.aspx http://222.134.89.6/GetPassWord.aspx...

7.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2015/03/23 11:4 p.m.6 views

openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers

It was discovered that the SSLv2 protocol implementation in OpenSSL did not properly implement the Bleichenbacher protection for export cipher suites. An attacker could use a SSLv2 server using OpenSSL as a Bleichenbacher oracle...

5.9CVSS6.8AI score0.06903EPSS
Exploits0References5
CERT
CERT
added 2014/10/17 12:0 a.m.131 views

POODLE vulnerability in SSL 3.0

Overview Many modern TLS clients can fall back to version 3.0 of the SSL protocol, which is vulnerable to a padding-oracle attack when Cypher-block chaining CBC mode is used. This is commonly referred to as the "POODLE" Padding Oracle On Downgraded Legacy Encryption attack. Description CWE-327: U...

4.3CVSS4.3AI score0.99999EPSS
Exploits7References4
RedHat Linux
RedHat Linux
added 2013/10/23 4:26 p.m.5 views

OpenJDK: AccessControlContext check order issue (Libraries, 8001330)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and 5.0 Update 45 and earlier, and OpenJDK 7, allows remote attackers to affect confidentiality via unknown vectors related to Libraries, a different...

5CVSS6.8AI score0.04586EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2013/03/06 7:5 p.m.6 views

OpenJDK: Specially crafted sample model integer overflow (2D, 8007014)

Unspecified vulnerability in the 2D component in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than...

10CVSS7.8AI score0.10753EPSS
Exploits0References5
OpenVAS
OpenVAS
added 2012/08/14 12:0 a.m.28 views

Fedora Update for bugzilla FEDORA-2012-11324

Check for the Version of bugzilla OpenVAS Vulnerability Test Fedora Update for bugzilla FEDORA-2012-11324 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

5.1CVSS0.1AI score0.01553EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2011/02/17 6:12 p.m.4 views

OpenJDK Launcher incorrect processing of empty library path entries (6983554)

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE and Java for Business 6 Update 23 and earlier for Solaris and Linux; 5.0 Update 27 and earlier for Solaris and Linux; and 1.4.229 and earlier for Solaris and Linux allows local standalone applications to affect...

3.7CVSS5.8AI score0.00411EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2010/10/20 5:13 p.m.5 views

OpenJDK HttpURLConnection allows arbitrary request headers (6961084,6980004)

Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the...

5.1CVSS5.8AI score0.03102EPSS
Exploits0References4
myhack58
myhack58
added 2009/10/08 12:0 a.m.31 views

getwebshell for oracle-vulnerability warning-the black bar safety net

by elegant wind ping SQL create tablespace kjtest datafile 'e:\website\kj.asp' size 100k nologging ; Copy the code This will create the Table space. It should be noted that the oracle of the Table, The smallest unit is 100K. The following began to build the table: SQL Create TABLE WEBSHELLC...

0.3AI score
Exploits0
myhack58
myhack58
added 2009/09/21 12:0 a.m.13 views

Linx Oracle auto-attack-vulnerability warning-the black bar safety net

| | --- http://host/test.jsp?action=read&id=1 2 3 and chr1 not in --- Annex download: ! oracle...

0.2AI score
Exploits0
CERT
CERT
added 2006/01/19 12:0 a.m.36 views

Oracle Reports arbitrary file reading vulnerability

Overview Oracle Reports fails to validate URI parameters, possibly allowing a remote attacker to read arbitrary files on the Reports Server. Description Oracle Reports is an enterprise reporting tool that extracts data from multiple sources and inserts it into a formatted report. It is a componen...

5CVSS5.9AI score0.09108EPSS
Exploits1References4
Cvelist
Cvelist
added 2005/01/06 5:0 a.m.31 views

CVE-2004-1339

SQL injection vulnerability in the 1 MDSYS.SDOGEOMTRIGINS1 and 2 MDSYS.SDOLRSTRIGINS default triggers in Oracle 9i and 10g allows remote attackers to execute arbitrary SQL commands via the new.tablename or new.columnname parameters...

7.9AI score0.01477EPSS
Exploits0References3
NVD
NVD
added 2004/12/23 5:0 a.m.26 views

CVE-2004-1338

The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partially privileged actions: using CCBKAPPLROWTRIG or EXECCBKFNDML to add arbitrary functions to the SDOCMTDBKFNTABLE and SDOCMTCBKDMLTABLE, then performing a DELETE on the SDOTXNIDXINSERTS table, which...

6.5CVSS6.6AI score0.01194EPSS
Exploits0References3
NVD
NVD
added 2004/08/04 4:0 a.m.21 views

CVE-2004-1364

Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of the $ORACLEHOME\bin directory...

8.5CVSS8.9AI score0.13782EPSS
Exploits9References10
NVD
NVD
added 2002/09/05 4:0 a.m.19 views

CVE-2002-0858

catsnmp in Oracle 9i and 8i is installed with a dbsnmp user with a default dbsnmp password, which allows attackers to perform restricted database operations and possibly gain other privileges...

7.5CVSS6.4AI score0.02174EPSS
Exploits0References3
Cvelist
Cvelist
added 2002/08/20 4:0 a.m.22 views

CVE-2002-0858

catsnmp in Oracle 9i and 8i is installed with a dbsnmp user with a default dbsnmp password, which allows attackers to perform restricted database operations and possibly gain other privileges...

6.4AI score0.02174EPSS
Exploits0References3
Cvelist
Cvelist
added 2002/02/02 5:0 a.m.26 views

CVE-2001-1041

oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace .trc file that is created in an alternate home directory identified by the ORACLEHOME environment variable...

6AI score0.00584EPSS
Exploits0References4
Rows per page
Query Builder