42 matches found
CVE-2022-21393
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM...
CVE-2022-21393
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM...
CVE-2021-35619
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Difficult to exploit vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM...
Design/Logic Flaw
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM...
CVE-2021-2438
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM...
CVE-2020-14743
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Procedure privilege with network access via multiple protocols to...
CVE-2020-14741
Vulnerability in the Database Filesystem component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Resource, Create Table, Create View, Create Procedure, Dbfsrole privilege...
Oracle Database Server CVE-2020-2517 Remote Security Vulnerability
Description Oracle Database Server is prone to a remote security vulnerability that exists in Database Gateway for ODBC. The vulnerability can be exploited over 'OracleNet' protocol. For an exploit to succeed, the attacker must have 'Create Procedure' and 'Create Database Link' privileges. This...
Oracle Database Server Multiple Vulnerabilities (Apr 2019 CPU)
The remote Oracle Database Server is missing the April 2019 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities : - An authenticated local Portable Clusterware takeover vulnerability exists in the Oracle RDBMS. An authenticated, local attacker with the Grid...
CVE-2018-3004
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2,12.2.0.1 and 18.2. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple...
Oracle Database Multiple Vulnerabilities (July 2017 CPU) (POODLE) (SWEET32)
The remote Oracle Database Server is missing the July 2017 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities : - A man-in-the-middle MitM information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting...
CVE-2011-0838
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to create procedure privileges...
CVE-2011-0838
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to create procedure privileges...
FrontBase关系数据库服务器create procedure远程栈溢出漏洞
FrontBase是一款企业级的关系数据库服务器。 FrontBase在创建存储过程时存在栈溢出漏洞,允许攻击者获得NT AUTHORITY\SYSTEM或root用户权限。 如果攻击者通过“create procedure” SQL语句传送了超长参数的话,就可以触发这个溢出,导致内存破坏。例如,以下SQL语句: create procedure "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa...
CVE-2007-1511
Buffer overflow in FrontBase Relational Database Server 4.2.7 and earlier allows remote authenticated users, with privileges for creating a stored procedure, to execute arbitrary code via a CREATE PROCEDURE request with a long procedure name...
CVE-2007-1511
Buffer overflow in FrontBase Relational Database Server 4.2.7 and earlier allows remote authenticated users, with privileges for creating a stored procedure, to execute arbitrary code via a CREATE PROCEDURE request with a long procedure name...
Oracle 10g SYS.KUPV$FT.ATTACH_JOB PL/SQL Injection Exploit
No description provided by source. / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret [email protected] Privileges needed: - EXECUTECATALOGROLE - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA...
Oracle 10g - SYS.KUPV$FT.ATTACH_JOB PL SQL Injection
Oracle 10g - SYS.KUPV$FT.ATTACHJOB PL SQL Injection / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret Privileges needed: - EXECUTECATALOGROLE - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA...
Oracle 10g SYS.KUPV$FT.ATTACH_JOB PL/SQL Injection Exploit
Exploit for multiple platform in category local exploits ========================================================== Oracle 10g SYS.KUPV$FT.ATTACHJOB PL/SQL Injection Exploit ========================================================== / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean...
Oracle 10g - SYS.KUPW$WORKER.MAIN PL SQL Injection
Oracle 10g - SYS.KUPW$WORKER.MAIN PL SQL Injection / Exploit for Oracle10g R1 and R2 prior to CPU Oct 2006 Joxean Koret Privileges needed: - CREATE SESSION - CREATE PROCEDURE / select from userroleprivs ; CREATE OR REPLACE FUNCTION F1 RETURN NUMBER AUTHID CURRENTUSER IS PRAGMA...