Problems with the Oracle Critical Patch Update for April 2005
Hey all, whilst analyzing Oracle's Critical Patch Update for April 2005 I noticed some failures in it that meant certain issues the patch was supposed to fix were actually left unfixed. One set of vulnerabilities "fixed" by the April CPU is a group of SQL injection bugs in DBMSSUBSCRIBE and...
CVE-2004-0637
Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible...
CVE-2004-0637
Oracle Database Server versions 8.1.7.4 through 9.2.0.4 are affected by a privilege-escalation vulnerability in the publicly accessible ctxsys.driload package. An authenticated user can invoke ctxsys.driload to execute arbitrary SQL statements with DBA privileges, enabling actions such as creatin...
[Full-Disclosure] SQL Injection via CTXSYS.DRILOAD in Oracle 8i/9i
http://www.red-database-security.com/advisory/advisory200409031.htm ; RDS200409031 - Red-Database-Security GmbH Research Advisory; Name: SQL Injection via CTXSYS.DRILOAD in Oracle 8i/9i; Systems Affected: Oracle 8i / Oracle9i all platforms; Severity: High Risk; Category: SQL Injection; Vendor URL...
[Full-Disclosure] iDEFENSE Security Advisory 09.02.04b: Oracle Database Server ctxsys.driload Access Validation Vulnerability
Oracle Database Server ctxsys.driload Access Validation Vulnerability; iDEFENSE Security Advisory 09.02.04b; www.idefense.com/application/poi/display?id=136&type=vulnerabilities ; September 2, 2004; I. BACKGROUND: Oracle Database Server is a family of database products that range from personal database...
CVE-2004-0637
Oracle Database Server 8.1.7.4 through 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible...