CVE-2015-4735

CVE-2015-4735 affects Oracle Enterprise Manager Grid Control (RAC Management) in EM Base Platform 11.1.0.1 and EM DB Control 11.2.0.3/11.2.0.4. The vulnerability allows remote, unauthenticated access via HTTP to read a subset of data, compromising confidentiality. Public sources in connected docu...

CVE-2015-2647

Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote authenticated users to affect...

CVE-2014-6488

CVE-2014-6488 affects Oracle Enterprise Manager components (Grid Control EM Base Platform: 10.2.0.5, 11.1.0.1; EM DB Control: 11.1.0.7, 11.2.0.3, 11.2.0.4; EM Plugin for DB: 12.1.0.4–12.1.0.6) in the Content Management sub-component. The vulnerability is described as unspecified with remote authe...

CVE-2013-5828

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via...

CVE-2013-5827

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 allows remote attackers to affect integrity via unknown vecto...

CVE-2013-5828

CVE-2013-5828 affects Oracle Enterprise Manager Grid Control and related components. Specifically, the Enterprise Manager Base Platform components EM Base Platform (versions 10.2.0.5 and 11.1.0.1), EM DB Control (11.1.0.7, 11.2.0.2, 11.2.0.3), and the EM Plugin for DB (12.1.0.2 and 12.1.0.3) are ...

CVE-2013-5766

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via...

CVE-2013-3762

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2, 12.1.0.3, and 12.1.0.4 allows remote attackers to affect...

CVE-2013-3762

CVE-2013-3762 corresponds to an unspecified vulnerability in Oracle Enterprise Manager Grid Control EM Base Platform and related components (EM Base Platform 10.2.0.5/11.1.0.1; EM DB Control 11.1.0.7/11.2.0.2/11.2.0.3; EM Plugin for DB 12.1.0.2/12.1.0.3/12.1.0.4) that allows remote attackers to a...

CVE-2013-3791

Unspecified vulnerability in Enterprise Manager EM Base Platform 10.2.0.5 and EM DB Control 11.1.0.7 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via unknown vectors related to User Interface Framework...

CVE-2013-3758

Technical details about CVE-2013-3758 are not publicly available in the provided documents; monitor for updates from Oracle and security advisories.

CVE-2013-3791

Oracle Enterprise Manager Grid Control: CVE-2013-3791 corresponds to a cross‑site scripting vulnerability in the Oracle Enterprise Manager Grid Control/EM Base Platform 10.2.0.5 and EM DB Control 11.1.0.7, due to flaws in the UI Framework. Affected products include Enterprise Manager Grid Control...

CVE-2013-3758

Unspecified vulnerability in the Enterprise Manager EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 in Oracle Enterprise Manager Grid Control allows remote attackers to affect integrity via...

CVE-2013-0358

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote...

CVE-2012-3219

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote...

CVE-2013-0358

CVE-2013-0358 is supported by a TeamSHATTER advisory detailing a SQL Injection in Oracle Enterprise Manager (Resource Manager) affecting OEM Database Control 10.2.0.3/10.2.0.4/10.2.0.5, 11.1.0.7, 11.2.0.2/11.2.0.3 and EM Plugin for DB 12.1.0.1/12.1.0.2. The issue arises from vulnerable parameters...

CVE-2013-0372

CVE-2013-0372 affects Oracle Enterprise Manager products (EM Base Platform/Grid Control and EM DB Control) with an SQL Injection vulnerability in the advReplicationAdmin path of the OEM web application, enabling remote attackers to execute SQL in the backend database. Affected versions include EM...

CVE-2013-0355

The CVE-2013-0355 issue corresponds to a cross-site scripting vulnerability in Oracle Enterprise Manager components (EM Base Platform and EM DB Control) affecting versions 11.1.0.7, 11.2.0.2, and 11.2.0.3, related to the Distributed/Cross DB Features. The TeamSHATTER advisory documents a remote-e...

CVE-2013-0352

Oracle CVE-2013-0352 describes a Cross‑Site Scripting vulnerability in Oracle Enterprise Manager components, specifically the EM Database Control/XML Database Resources page via the cancelURL parameter. An attacker could remotely exploit this to steal session cookies and impersonate a legitimate ...

CVE-2012-3219

Oracle EM/Database Control Segment Advisor vulnerability (CVE-2012-3219) involves an arbitrary URL redirection/phishing flaw in the EM Segment Advisor page. Affected products match the CVE entry: Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3...