The vulnerability of the RDBMS sharding component of the Oracle Database Server management system allows a hacker to gain full control over the application.

The vulnerability of Oracle Database Server’s RDBMS sharding component is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain full control over the application using Oracle Net technology...

The vulnerability of the InnoDB component of the MySQL Database Server allows a hacker to gain access to data for reading or to gain privileged access to the infrastructure.

The vulnerability of the InnoDB component in the MySQL Database Management System exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain read access to data or gain privileged access to the infrastructure...

Vulnerability of the Server component: PAM Auth Plugin of the MySQL Server database management system, which allows attackers to induce a service failure.

The vulnerability of the MySQL Server component’s PAM Auth Plugin is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions using the MySQL protocol...

[SECURITY] [DLA 2538-1] mariadb-10.1 security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2538-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk January 31, 2021 https://wiki.debian.org/LTS -...

The vulnerability of the Oracle Application Express Survey Builder component of the Oracle Database Server database management system allows attackers to perform cross-site scripting attacks.

The vulnerability of the Oracle Application Express Survey Builder component of the Oracle Database Server database management system is related to the lack of protective measures for the web page structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting...

Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Sourcing

Summary Multiple Oracle Database Server security vulnerabilities affect IBM Emptoris Sourcing. Vulnerability Details CVEID: CVE-2020-14741 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database Filesystem component could allow an authenticated attacker to caus...

Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Supplier Lifecycle Mgmt

Summary Multiple Oracle Database Server security vulnerabilities affect IBM Emptoris Supplier Lifecycle Mgmt. Vulnerability Details CVEID: CVE-2020-14741 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database Filesystem component could allow an authenticated...

Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Strategic Supply Management Platform

Summary Multiple Oracle Database Server Security Vulnerabilities Affect IBM Emptoris Strategic Supply Management Platform Vulnerability Details CVEID: CVE-2020-14741 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database Filesystem component could allow an...

Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Contract Management

Summary Multiple Oracle Database Server security vulnerabilities affect IBM Emptoris Contract Management. Vulnerability Details CVEID: CVE-2020-14741 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database Filesystem component could allow an authenticated...

Security Bulletin: Multiple Oracle Database Server Vulnerabilities Affect IBM Emptoris Program Management

Summary Multiple Oracle Database Server security vulnerabilities affect IBM Emptoris Program Management. Vulnerability Details CVEID: CVE-2020-14741 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Database Filesystem component could allow an authenticated attack...

Oracle Database Server Multiple Vulnerabilities (Jan 2021 CPU)

The versions of Oracle Database Server installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2021 CPU advisory. - Vulnerability in the RDBMS Scheduler component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c...

Vulnerabilities fixed in Oracle Database Server

Oracle has fixed vulnerabilities in the following Oracle Database Server products: Database - Enterprise Edition Text Advanced Networking Option Application Express APEX PERL The vulnerabilities allow an unauthenticated malicious person with network access to the vulnerable system may be able to...

The vulnerability of the Microsoft SQL Server relational database management system arises from insufficient validation of input data, allowing attackers to execute arbitrary code.

The vulnerability of the Microsoft SQL Server relational database management system exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

CVE-2021-2117

Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromi...

CVE-2021-2117

Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromi...

CVE-2021-2054

Vulnerability in the RDBMS Sharding component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure, Create Any View, Create Any Trigger privilege with network access...

CVE-2021-2035

Vulnerability in the RDBMS Scheduler component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Export Full Database privilege with network access via Oracle Net to compromis...

CVE-2021-2018

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful...

CVE-2021-2000

Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having SYS Account privilege with network access via Oracle Net to compromise Unified...

Design/Logic Flaw

Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromi...