2885 matches found
CVE-2020-2513
Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access via HTTP to compromise Oracle Application...
Design/Logic Flaw
Vulnerability in the Data Pump component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows high privileged attacker having DBA role account privilege with network access via Oracle Net to...
Design/Logic Flaw
Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access via HTTP to compromise Oracle Application...
Design/Logic Flaw
Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access via HTTP to compromise Oracle Application...
Design/Logic Flaw
Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access via HTTP to compromise Oracle Application...
Design/Logic Flaw
Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having Valid User Account privilege with network access via HTTP to compromise Oracle Application...
Design/Logic Flaw
Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access via HTTP to compromise Oracle Application...
CVE-2020-2973
Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker having SQL Workshop privilege with network access via HTTP to compromise Oracle Application...
CVE-2020-2968
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multipl...
CVE-2020-2968
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multipl...
CVE-2020-2968
CVE-2020-2968 affects Oracle Database Server’s Java VM component. Public docs identify affected versions as 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c. The vulnerability allows a low-privileged attacker with Create Session and Create Procedure privileges, with network access via multiple protocol...
CVE-2020-2513
CVE-2020-2513 affects Oracle Application Express (APEX) within Oracle Database Server, affecting 5.1–19.2. The vulnerability can be exploited by a low-privileged user with SQL Workshop privilege over HTTP, requiring user interaction, to read and modify APEX data and potentially read restricted da...
CVE-2020-2969
CVE-2020-2969 affects Oracle Database Server’s Data Pump component. Affected versions: 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c. The issue is exploitable by a high-privilege DBA account with network access via Oracle Net, potentially allowing takeover of Data Pump. CVSSv3.1 base score is 6.6 (C...
CVE-2020-2971
CVE-2020-2971 affects Oracle Application Express within Oracle Database Server (versions 5.1–19.2). The vulnerability allows a low-privileged attacker with SQL Workshop privilege and network access via HTTP to compromise APEX. Attacks require human interaction, and the impact can include unauthor...
CVE-2020-2977
CVE-2020-2977 affects Oracle Database Server via the Application Express (APEX) component. Affected: APEX versions 5.1–19.2. The vulnerability is exploitable by a low-privilege user with a Valid User Account, who can access the server over HTTP and requires user interaction. Consequences include ...
Unspecified Vulnerability in Oracle Database Server Application Express Component (CNVD-2020-44291)
Oracle Database Server is the United States Oracle Oracle a set of relational database management system. The database management system provides data management, distributed processing and other functions. Application Express APEX, formerly known as HTML DB is one of the Web applications for the...
Unspecified Vulnerability in Oracle Database Server Java VM Component (CNVD-2020-44296)
Oracle Database Server is a set of relational database management system of Oracle Oracle. The database management system provides data management, distributed processing and other functions.Java VM is one of the Java virtual machine components. A security vulnerability exists in the Java VM...
Unspecified Vulnerability in Oracle Database Server Application Express Component (CNVD-2020-44290)
Oracle Database Server is the United States Oracle Oracle a set of relational database management system. The database management system provides data management, distributed processing and other functions. Application Express APEX, formerly known as HTML DB is one of the Web applications for the...
CVE-2020-2978
Vulnerability in the Oracle Database - Enterprise Edition component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA role account privilege with network access via Oracl...
Unspecified Vulnerability in Oracle Database Server Data Pump Component
Oracle Database Server is an object-relational database management system that provides an open, comprehensive, and integrated approach to information management.Data Pump is the data and metadata migration component. A security vulnerability exists in the Data Pump component in Oracle Database...