Lucene search
K
OracleCollaboration Suite

63 matches found

CVE
CVE
added 2008/04/16 10:0 a.m.120 views

CVE-2008-1814

Technical details about CVE-2008-1814 are not provided in the supplied documents. No explicit affected products, root cause, or remediation are included here. Monitor for updates.

9CVSS8.9AI score0.02595EPSS
CVE
CVE
added 2006/04/20 10:0 a.m.112 views

CVE-2006-1884

Technical details for CVE-2006-1884 are not publicly available in the provided documents. No affected product/version, impact, or remediation is described here. Monitor for updates from official advisories and vulnerability databases.

10CVSS8.9AI score0.03837EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.105 views

CVE-2004-1371

CVE-2004-1371 describes a stack-based buffer overflow in Oracle 9i/10g that allows remote attackers to execute arbitrary code by sending a long token in the text of a wrapped procedure. The vulnerability affects Oracle’s database/server components and can enable remote code execution with the att...

9CVSS9.6AI score0.10767EPSS
CVE
CVE
added 2007/01/17 2:0 a.m.103 views

CVE-2007-0275

CVE-2007-0275 is a documented cross-site scripting (XSS) vulnerability in the Oracle Reports Web Cartridge (RWCGI60) within the Workflow Cartridge component. The issue allows remote authenticated users to inject arbitrary HTML or web script by supplying a crafted value to the genuser parameter of...

3.5CVSS7.4AI score0.01224EPSS
CVE
CVE
added 2008/01/17 10:0 p.m.100 views

CVE-2008-0349

Technical details for CVE-2008-0349 are not publicly provided in the supplied documents; information about affected versions, root cause, impact, and remediation is not disclosed here. Monitor for updates.

10CVSS9AI score0.02625EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.98 views

CVE-2004-1363

CVE-2004-1363 : The provided data confirms a buffer overflow in the extproc component of Oracle 10g. An attacker can trigger remote code execution by manipulating environment variables in the library name, which are expanded after the length check. The vulnerability is described as enabling remot...

9.8CVSS9.7AI score0.09095EPSS
CVE
CVE
added 2008/01/17 10:0 p.m.87 views

CVE-2008-0345

CVE-2008-0345 : The Connected documents confirm an unspecified vulnerability in the Core RDBMS component of Oracle Database 11.1.0.6. The description provides no detail on the exact affected sub-component, root cause, impact, or exploitation method, only stating “unknown impact” and “remote attac...

10CVSS9AI score0.02625EPSS
CVE
CVE
added 2008/01/17 10:0 p.m.86 views

CVE-2008-0346

Technical details about CVE-2008-0346 are not publicly provided in the supplied connected documents. The entries reference Oracle Application Server Jinitiator but do not specify vulnerable components, versions, impact, or fixes. Monitor for updates.

10CVSS8.9AI score0.02696EPSS
CVE
CVE
added 2007/07/18 7:0 p.m.85 views

CVE-2007-3854

CVE-2007-3854 affects Oracle Database 9.0.1.5+, 9.2.0.7, and 10.1.0.5. The entry documents multiple unspecified vulnerabilities allowing remote authenticated users to impact system via two components: the Advanced Queuing component (DB02) and the Spatial component (DB12). The description notes th...

5.5CVSS9.4AI score0.02533EPSS
CVE
CVE
added 2008/01/17 10:0 p.m.84 views

CVE-2008-0347

CVE-2008-0347 concerns an unspecified vulnerability in the Oracle Ultra Search component of Oracle Collaboration Suite 10.1.2, and in related Database 9.2.0.8, 10.1.0.5, 10.2.0.3, and Application Server 9.0.4.3 and 10.1.2.0.2. The issue is described as having unknown impact and local attack vecto...

10CVSS8.6AI score0.02696EPSS
CVE
CVE
added 2007/10/17 11:0 p.m.82 views

CVE-2007-5526

Technical details about CVE-2007-5526 are not publicly provided in the supplied documents; no affected product/version or impact specifics are stated. Monitor for updates.

10CVSS8.9AI score0.02238EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.81 views

CVE-2004-1364

CVE-2004-1364 is an Oracle extproc directory traversal vulnerability affecting Oracle 9i and 10g. The flaw allows remote attackers to access arbitrary libraries outside the $ORACLE_HOME/bin directory by leveraging the extproc mechanism, potentially executing OS commands with the privileges of the...

8.5CVSS9.1AI score0.13782EPSS
CVE
CVE
added 2008/01/17 10:0 p.m.81 views

CVE-2008-0343

CVE-2008-0343 concerns an unspecified vulnerability in the Oracle Spatial component affecting Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, and 10.1.0.5. The description notes unknown impact and remote attack vectors (DB06). Public references list multiple advisories; the NVD entry assigns a...

10CVSS8.9AI score0.02625EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.79 views

CVE-2004-1369

CVE-2004-1369 concerns the TNS Listener in Oracle 10g. The vulnerability allows remote attackers to cause a denial of service (listener crash) by sending a malformed service_register_NSGR request, where a value is used as an invalid offset for a pointer that references incorrect memory. The prima...

5CVSS8.9AI score0.0564EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.77 views

CVE-2004-1366

CVE-2004-1366 affects Oracle 10g Database Server, where the password for the SYSMAN account is stored in cleartext in the world-readable emoms.properties file. This local-access weakness could allow unprivileged or local users to gain DBA privileges. No explicit remediation version or patch is pr...

4.6CVSS9.1AI score0.15495EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.77 views

CVE-2004-1367

CVE-2004-1367 affects Oracle 10g Database Server. When installed with a password containing an exclamation point for the DBSNMP or SYSMAN user, an error is logged to the world‑readable postDBCreation.log, potentially exposing the password to local users who could use it against SYS or SYSTEM acco...

4.4CVSS9AI score0.07275EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.75 views

CVE-2004-1365

CVE-2004-1365 affects Oracle 9i/10g extproc. The vulnerability allows local users to load a library or execute a function without authentication, enabling arbitrary commands to run as the Oracle user. This is documented in the NVD entry and reflected in related Nessus/NVD references.

4.6CVSS9.2AI score0.07362EPSS
CVE
CVE
added 2006/02/04 11:0 a.m.75 views

CVE-2006-0552

Technical details about CVE-2006-0552 (affected Oracle Net Listener, impact, exploitability, and fix) are not publicly provided in the supplied documents; monitor for official advisories for concrete information.

7.5CVSS9.2AI score0.04835EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.74 views

CVE-2004-1370

CVE-2004-1370 is a set of confirmed SQL injection vulnerabilities in Oracle 9i/10g that affect PL/SQL procedures running with definer rights. The flaws allow remote attackers to execute arbitrary SQL commands and potentially gain privileges via the following procedures: DBMS_EXPORT_EXTENSION, WK_...

7.5CVSS10AI score0.03856EPSS
CVE
CVE
added 2007/04/18 6:0 p.m.74 views

CVE-2007-2130

CVE-2007-2130 describes an unspecified vulnerability in Oracle’s Workflow Cartridge affecting Oracle Database Server (9.2.0.1, 10.1.0.2, 10.2.0.1), Application Server (9.0.4.3, 10.1.2.0.2), Collaboration Suite (10.1.2), and E-Business Suite. The description indicates unknown impact and remote aut...

9CVSS8.7AI score0.02527EPSS
CVE
CVE
added 2008/01/17 10:0 p.m.74 views

CVE-2008-0340

CVE-2008-0340 concerns Oracle Database with multiple unspecified vulnerabilities affecting the Advanced Queuing (DB02) and Oracle Spatial (DB04) components across several versions (e.g., 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3). The description notes unknown impact and remote attack...

10CVSS9.2AI score0.02625EPSS
CVE
CVE
added 2008/01/17 10:0 p.m.74 views

CVE-2008-0344

Technical details about CVE-2008-0344 are not publicly available in the provided documents. The records note an unspecified vulnerability in the Oracle Spatial component with unknown impact; monitor for updates.

10CVSS8.9AI score0.02625EPSS
CVE
CVE
added 2006/10/18 1:0 a.m.73 views

CVE-2006-5361

Technical details for CVE-2006-5361 are not publicly provided in the supplied documents; monitor for updates.

10CVSS9.1AI score0.0231EPSS
CVE
CVE
added 2006/01/18 11:0 a.m.72 views

CVE-2006-0282

Technical details for CVE-2006-0282 are not publicly provided in the supplied documents. Monitor for updates from official advisories; the OpenVAS/Nessus entries reference the CVE but do not list affected versions, vectors, or fixes.

10CVSS9.1AI score0.06026EPSS
CVE
CVE
added 2007/01/17 2:0 a.m.72 views

CVE-2007-0280

CVE-2007-0280 describes a buffer overflow in Oracle Process Mgmt & Notification (OPMN01) affecting Oracle HTTP Server 9.0.1.5; Application Server 9.0.4.3 and 10.1.2.x; and Collaboration Suite 9.0.4.2 and 10.1.2. Oracle notes in the description that OPMN01 is believed to be the ONS buffer overflow...

7.5CVSS9.1AI score0.03073EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.71 views

CVE-2004-1362

CVE-2004-1362 affects the PL/SQL module of the Oracle HTTP Server in Oracle Application Server 10g when using the WE8ISO8859P1 character set. The issue is a character conversion flaw that allows remote attackers to bypass access restrictions for certain procedures via an encoded URL containing “%...

7.5CVSS9.2AI score0.0905EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.70 views

CVE-2004-1368

The CVE-2004-1368 entry affects Oracle ISQL*Plus in Oracle 10g Application Server. The vulnerability allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script, enabling potential arbitrary-file execution on the affected server. The ac...

7.8CVSS9.4AI score0.05556EPSS
CVE
CVE
added 2007/01/17 2:0 a.m.70 views

CVE-2007-0282

Concrete details exist in connected documents for the Oracle Process Mgmt & Notification (OPMN) component: a format string vulnerability in the OPMN daemon used by Oracle Grid/Enterprise components (e.g., 10.2.0.1) that can be exploited by crafting the URI in an HTTP request to port 6003, enablin...

3.2CVSS8.6AI score0.00407EPSS
CVE
CVE
added 2008/01/17 10:0 p.m.69 views

CVE-2008-0348

Technical details for CVE-2008-0348 are not publicly available in the provided documents. Monitor for updates in the connected sources.

10CVSS9.3AI score0.02625EPSS
CVE
CVE
added 2006/10/18 1:0 a.m.68 views

CVE-2006-5356

Technical details for CVE-2006-5356 are not publicly provided in the supplied documents. Monitor for updates from vendors and security advisories.

10CVSS9.1AI score0.0231EPSS
CVE
CVE
added 2007/01/17 2:0 a.m.65 views

CVE-2007-0285

CVE-2007-0285 affects Oracle software including Application Server (9.0.4.3, 10.1.2.0.2, 10.1.2.2), Collaboration Suite (9.0.4.2, 10.1.2), and E-Business Suite/Applications 11.5.10CU2, with the vulnerability tied to Oracle Reports Developer (REP01). The description notes an unspecified vulnerabil...

5CVSS8.7AI score0.01594EPSS
CVE
CVE
added 2007/07/18 7:0 p.m.65 views

CVE-2007-3859

Technical details for CVE-2007-3859 are not publicly available in the provided documents. No specifics on affected product version, root cause, or impact are given here; monitor for updates.

7.5CVSS9.2AI score0.03288EPSS
CVE
CVE
added 2007/04/18 6:0 p.m.64 views

CVE-2007-2125

Technical details (affected components, root cause, impact, or fixes) for CVE-2007-2125 are not publicly provided in the supplied documents. Monitor for updates.

10CVSS6.2AI score0.02238EPSS
CVE
CVE
added 2007/07/18 7:0 p.m.64 views

CVE-2007-3861

Technical details for CVE-2007-3861 are not publicly available in the provided documents; no specific affected products, root cause, or remediation are given. Monitor for official updates.

7.5CVSS9AI score0.02444EPSS
CVE
CVE
added 2006/10/18 1:0 a.m.62 views

CVE-2006-5364

Technical details for CVE-2006-5364 are not publicly available in the provided documents; monitor for updates from official advisories.

2.1CVSS8.7AI score0.01312EPSS
CVE
CVE
added 2007/01/17 2:0 a.m.62 views

CVE-2007-0287

Technical details are not publicly available in the provided documents for CVE-2007-0287; no affected products, impact, or remediation are specified here. Monitor for updates.

1.7CVSS8.8AI score0.00361EPSS
CVE
CVE
added 2006/10/18 1:0 a.m.61 views

CVE-2006-5348

Technical details for CVE-2006-5348 are not publicly provided in the supplied documents. Available records reference the vulnerability but do not specify affected products, root cause, or fixes. Monitor for updates.

10CVSS6AI score0.0231EPSS
CVE
CVE
added 2006/10/18 1:0 a.m.61 views

CVE-2006-5354

Technical details for CVE-2006-5354 are not publicly provided in the supplied documents. No affected products, impact, or remediation are specified here; monitor for updates and additional technical disclosures.

10CVSS9AI score0.0231EPSS
CVE
CVE
added 2006/04/20 10:0 a.m.59 views

CVE-2006-1879

Technical details (root cause, impact, affected components/versions, exploit vectors) are not publicly available in the provided documents. Monitor for updates for more concrete information about CVE-2006-1879.

10CVSS6.5AI score0.04631EPSS
CVE
CVE
added 2007/01/17 2:0 a.m.59 views

CVE-2007-0281

Public documents provided do not include concrete technical details (affected product, root cause, exploit vectors, or remediation) for CVE-2007-0281; monitor for updates.

5CVSS9AI score0.01631EPSS
CVE
CVE
added 2007/01/17 2:0 a.m.59 views

CVE-2007-0286

CVE-2007-0286 affects Oracle Application Server 10.1.2.0.2 and 10.1.3.0, and Collaboration Suite 10.1.2, with an unspecified vulnerability in Containers for J2EE (OC4J07). The initial description notes unknown impact and attack vectors; no concrete exploit details, affected subcomponents, version...

2.6CVSS8.8AI score0.01368EPSS
CVE
CVE
added 2007/01/17 2:0 a.m.58 views

CVE-2007-0283

Technical details for CVE-2007-0283 are not provided in the connected documents; the entries cite an unspecified vulnerability related to Oracle Containers for J2EE (OC4J02). Monitor for updates.

4CVSS8.8AI score0.01341EPSS
CVE
CVE
added 2007/07/18 7:0 p.m.58 views

CVE-2007-3863

Technical details for CVE-2007-3863 are not publicly provided in the supplied documents. No explicit affected versions, root cause, impact, or remediation are described here. Monitor for updates from Oracle advisories and security feeds.

7.5CVSS9AI score0.02444EPSS
CVE
CVE
added 2007/10/17 11:0 p.m.58 views

CVE-2007-5524

Technical details for CVE-2007-5524 are not publicly provided in the supplied documents; no specific affected products/versions, root cause, or remediation are disclosed. Monitor for updates.

7.5CVSS9AI score0.0187EPSS
CVE
CVE
added 2007/10/17 11:0 p.m.58 views

CVE-2007-5525

Technical details about CVE-2007-5525 are not provided in the supplied documents; the entries describe an unspecified vulnerability without impact or vectors. Monitor for updates.

7.5CVSS8.9AI score0.0187EPSS
CVE
CVE
added 2005/11/02 11:0 a.m.57 views

CVE-2005-3454

Technical details are not publicly available in the provided documents for CVE-2005-3454. No specifics on affected products, impact, or remediation are supplied. Monitor for updates.

10CVSS6.9AI score0.03768EPSS
CVE
CVE
added 2006/01/18 11:0 a.m.57 views

CVE-2006-0276

CVE-2006-0276 applies to Oracle Collaboration Suite Release 2 (Oracle9i), version 9.0.4.2, with multiple unspecified vulnerabilities across several components (Email Server; Wireless & Voice; Content Management SDK; Content Services). The available documents do not specify affected subcomponents ...

10CVSS6.8AI score0.04998EPSS
CVE
CVE
added 2006/01/18 11:0 a.m.57 views

CVE-2006-0283

CVE-2006-0283 refers to an unspecified vulnerability in Oracle products (Database Server 10.1.0.4.2, Application Server 10.1.2.0.2, Collaboration Suite Release 2) and Oracle9i (9.0.4.2), linked to Oracle Vuln# DBC02 in the Reorganize Objects & Convert Tablespace component. Public descriptions do ...

10CVSS9.1AI score0.06534EPSS
CVE
CVE
added 2006/01/18 11:0 a.m.57 views

CVE-2006-0290

Technical details for CVE-2006-0290 are not publicly disclosed in the provided documents; the entries only note an unspecified vulnerability in the Oracle Workflow Cartridge. Monitor for updates.

10CVSS9AI score0.05947EPSS
CVE
CVE
added 2006/01/18 11:0 a.m.57 views

CVE-2006-0291

Technical details for CVE-2006-0291 are not publicly available in the provided documents. Affected Oracle components are listed but no concrete root cause, impact, or fix information is disclosed here; monitor for updates.

10CVSS9.5AI score0.05947EPSS
Total number of security vulnerabilities63