Design/Logic Flaw

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful...

Code injection

Vulnerability in the RDBMS Scheduler component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Export Full Database privilege with network access via Oracle Net to compromis...

Design/Logic Flaw

Vulnerability in the Oracle Application Express Opportunity Tracker component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to...

Code injection

Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having SYS Account privilege with network access via Oracle Net to compromise Unified...

Design/Logic Flaw

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Java VM...

UBUNTU-CVE-2021-2024

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.22 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

CVE-2021-2116

Vulnerability in the Oracle Application Express Opportunity Tracker component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to...

CVE-2021-2117

Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromi...

CVE-2021-2116

Consolidated detail for CVE-2021-2116: A vulnerability in Oracle Database Server’s Application Express Opportunity Tracker (pre-20.2) allows a low-privilege attacker with a Valid User Account and network access via HTTP to compromise the component. Exploitation requires user interaction, and can ...

CVE-2021-2117

CVE-2021-2117 affects Oracle Database Server’s Application Express Survey Builder; vulnerable in all supported Oracle versions prior to 20.2. An authenticated, low-privilege user with network access via HTTP can exploit this vulnerability, with user interaction required, to potentially read and m...

CVE-2021-2117

Vulnerability in the Oracle Application Express Survey Builder component of Oracle Database Server. The supported version that is affected is Prior to 20.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromi...

CVE-2021-2054

Vulnerability in the RDBMS Sharding component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure, Create Any View, Create Any Trigger privilege with network access...

CVE-2021-2054

Vulnerability in the RDBMS Sharding component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure, Create Any View, Create Any Trigger privilege with network access...

CVE-2021-2054

CVE-2021-2054 affects Oracle Database Server, specifically the RDBMS Sharding component. Affected versions are 12.2.0.1, 18c, and 19c. The vulnerability can be exploited by a high-privilege attacker with Create Any Procedure, Create Any View, or Create Any Trigger privileges who has network acces...

CVE-2021-2045

Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle...

CVE-2021-2045

CVE-2021-2045 is a vulnerability in the Oracle Database Server’s Text component affecting versions 12.1.0.2, 12.2.0.1, 18c, and 19c . A low-privilege attacker with Create Session privilege and network access via Oracle Net can exploit it to potentially cause a partial denial of service in Oracle ...

CVE-2021-2045

Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle...

CVE-2021-2035

Vulnerability in the RDBMS Scheduler component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Export Full Database privilege with network access via Oracle Net to compromis...

CVE-2021-2018

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful...

CVE-2021-2018

CVE-2021-2018 affects Oracle Database Server’s Advanced Networking Option. Affected: Oracle Database Server 18c and 19c. Root cause per documented material: vulnerability in the Advanced Networking Option component; attacker can exploit via Oracle Net with network access, requiring no authenticat...