Lucene search
K
OracleDatabase 10g

37 matches found

CVE
CVE
added 2009/04/15 10:0 a.m.125 views

CVE-2009-0992

CVE-2009-0992 affects Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.7 in the Advanced Queuing DBMS_AQIN package. The issue is described as a SQL injection vulnerability in the DEQ_EXEJOB procedure due to improper input handling. This can impact confidentiality and integrity for remote-authentica...

5.5CVSS6.3AI score0.02041EPSS
CVE
CVE
added 2009/04/15 10:0 a.m.120 views

CVE-2009-0985

CVE-2009-0985 maps to an unspecified vulnerability in the Core RDBMS component of Oracle Database versions 10.1.0.5, 10.2.0.4 and 11.1.0.6. The NVD entry notes that remote authenticated users with the IMP_FULL_DATABASE role can affect confidentiality, integrity and availability. Connected documen...

7.1CVSS5.8AI score0.0174EPSS
CVE
CVE
added 2009/04/15 10:0 a.m.119 views

CVE-2009-0991

CVE-2009-0991 is a vulnerability in the Oracle Database TNS Listener (Listener component) that allows remote attackers to cause a denial of service by sending crafted TNS packets. The vulnerability affects Oracle Database versions including 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7, an...

5CVSS6AI score0.07578EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.116 views

CVE-2008-3976

Technical details for CVE-2008-3976 are not provided in the supplied documents. No affected product versions, root cause, or remediation are specified here. Monitor for updates from authoritative sources.

5.5CVSS5.4AI score0.01761EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.112 views

CVE-2008-3983

CVE-2008-3983 is a SQL injection vulnerability in Oracle Database Server’s Workspace Manager component (SYS.LT) affecting 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6. The flaw allows a remote authenticated user to affect confidentiality and integrity via SYS.LT.MERGEWORKSPACE (and relate...

5.5CVSS5.4AI score0.4181EPSS
CVE
CVE
added 2009/04/15 10:0 a.m.112 views

CVE-2009-0975

Oracle Workspace Manager contains a SQL injection in SYS.LT.ROLLBACKWORKSPACE (CVE-2009-0978) that can be exploited by any user with execute privilege on the vulnerable package to run privileged SQL statements. The CVE-2009-0975 entry is the related, unspecified vulnerability. The connected docum...

5.5CVSS5.6AI score0.01744EPSS
CVE
CVE
added 2009/01/14 1:0 a.m.107 views

CVE-2008-3979

CVE-2008-3979 is an Oracle Database issue affecting the Spatial component in Oracle Database 10.1.0.5 and 10.2.0.2. The vulnerability exists in the MDSYS.SDO_TOPO_DROP_FTBL trigger, where an SQL injection flaw could be exploited by a remote authenticated user to escalate privileges (potentially t...

5.5CVSS6.2AI score0.32434EPSS
CVE
CVE
added 2009/04/15 10:0 a.m.106 views

CVE-2009-0986

CVE-2009-0986 affects Oracle Database Workspace Manager in versions 10.2.0.4 and 11.1.0.6. Described as an unspecified vulnerability allowing remote authenticated access to affect confidentiality, integrity, and availability via unknown vectors. Public materials tie this CVE to Oracle’s April 200...

5.4CVSS5.7AI score0.01377EPSS
CVE
CVE
added 2009/04/15 10:0 a.m.105 views

CVE-2009-0977

The CVE-2009-0977 issue is an Oracle Database SQL injection vulnerability in the DBMS_AQADM_SYS.GRANT_TYPE_ACCESS procedure. Public docs state a SQL injection exists due to insufficient input validation, allowing a remote attacker with valid credentials to inject and execute SQL within the databa...

5.5CVSS6.3AI score0.01316EPSS
CVE
CVE
added 2009/01/14 1:0 a.m.104 views

CVE-2008-3973

Technical details about CVE-2008-3973 are not publicly provided in the connected documents. They note an unspecified vulnerability in the SQL*Plus Windows GUI with limited information; monitor Oracle CPU advisories and vendor updates for specifics.

1.7CVSS5.6AI score0.00327EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.104 views

CVE-2008-3982

CVE-2008-3982 concerns SQL injection in Oracle Workspace Manager (Workspace Manager component) of Oracle Database. Connected sources document concrete exploits in SYS.LT.* procedures (COMPRESSWORKSPACE, MERGEWORKSPACE, REMOVEWORKSPACE) that allow an attacker with execute privilege to inject SQL, ...

5.5CVSS5.4AI score0.1143EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.103 views

CVE-2008-3996

Oracle Database Change Data Capture vulnerability in SYS.DBMS_CDC_IPUBLISH.ALTER_HOTLOG_INTERNAL_CSOURCE allows SQL injection exploitable by any user with EXECUTE privilege on the package (10gR1, 10gR2, 11gR1). Remote attacker can execute injected SQL with SYS privileges; fix available via Octobe...

5.5CVSS5.4AI score0.09524EPSS
CVE
CVE
added 2009/01/14 1:0 a.m.103 views

CVE-2008-3999

CVE-2008-3999 affects the Oracle Database OLAP component (versions 9.2.0.8, 9.2.0.8DV, and 10.1.0.5). The issue is described as an unspecified vulnerability related to SYS.OLAPIMPL_T that could allow remote authenticated users to affect availability. Exploitation details are not provided in the s...

4CVSS5.7AI score0.0199EPSS
CVE
CVE
added 2009/01/14 1:0 a.m.103 views

CVE-2008-4015

CVE-2008-4015 affects Oracle Database 10.1.0.5 in the Oracle Streams component, with the vulnerability related to SYS.DBMS_STREAMS_AUTH, allowing remote authenticated users to impact confidentiality and integrity. The issue is documented with a CVSS v2 base score of 5.5 (Network attack, low compl...

5.5CVSS5.5AI score0.01723EPSS
CVE
CVE
added 2009/04/15 10:0 a.m.103 views

CVE-2009-0978

CVE-2009-0978 affects Oracle Database Workspace Manager: a SQL injection flaw in the SYS.LT.ROLLBACKWORKSPACE procedure can allow a user with execute privilege on SYS.LT.ROLLBACKWORKSPACE to run privileged SQL via crafted calls. The public material references a Metasploit module exploiting this v...

5.5CVSS5.6AI score0.17865EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.101 views

CVE-2008-3994

CVE-2008-3994 affects Oracle Database: Workspace Manager component (LTADM) in versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6. The root cause is an SQL injection vulnerability in LTADM (WP/WMSYS owner) that can be triggered by remote authenticated users, potentially compromising con...

5.5CVSS5.4AI score0.01018EPSS
CVE
CVE
added 2009/01/14 1:0 a.m.101 views

CVE-2008-5439

CVE-2008-5439 concerns Oracle Database 10.2.0.4, specifically the SQL*Plus Windows GUI component. The vulnerability is described as unspecified, allowing remote authenticated users to affect confidentiality via unknown vectors. The NVD entry assigns a CVSS v2 base score of 4.0 (Medium) with netwo...

4CVSS5.5AI score0.01736EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.100 views

CVE-2008-2624

CVE-2008-2624 affects the Oracle OLAP component of Oracle Database 10.1.0.5. The vulnerability is described as an unspecified issue that could allow remote authenticated users to compromise confidentiality, integrity, and availability via unknown vectors. Connected sources indicate this CVE was a...

6.5CVSS5.5AI score0.01167EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.100 views

CVE-2008-3992

CVE-2008-3992 involves an unspecified vulnerability in the Oracle Data Mining component of Oracle Database 10.2.0.4, allowing remote authenticated users to affect confidentiality and integrity (related to DMSYS.DBMS_DM_EXP_INTERNAL). Connected documents confirm this CVE is among Oracle’s October ...

5.5CVSS5.4AI score0.00987EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.99 views

CVE-2008-3991

The CVE-2008-3991 entry concerns an unspecified vulnerability in the Oracle OLAP component of Oracle Database versions 9.2.08, 9.2.0.8DV, and 10.1.0.5, related to OLAPSYS.CWM2_OLAP_AW_AWUTIL. The impact stated is availability via remote authenticated access. The provided documents do not include ...

4CVSS5.5AI score0.01446EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.98 views

CVE-2008-3995

CVE-2008-3995 affects Oracle Database (10gR1/10gR2/11gR1) Change Data Capture component. The root cause is an SQL injection in SYS.DBMS_CDC_PUBLISH.ALTER_AUTOLOG_CHANGE_SOURCE, exploitable by any user with EXECUTE privilege on the package. Impact per sources: remote authenticated access that can ...

5.5CVSS5.4AI score0.0954EPSS
CVE
CVE
added 2009/01/14 1:0 a.m.98 views

CVE-2008-5437

CVE-2008-5437 affects the Job Queue component in Oracle Database (versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.6). The vulnerability allows remote authenticated users to impact confidentiality and integrity via the DBMS_IJOB interface. Root cause details are not provided in the given d...

5.5CVSS5.6AI score0.01723EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.97 views

CVE-2008-3984

CVE-2008-3982, CVE-2008-3983, and CVE-2008-3984 are SQL injection flaws in Oracle Workspace Manager (SYS.LT.*: MERGEWORKSPACE, COMPRESSWORKSPACE, REMOVEWORKSPACE) that allow a remote authenticated user to affect confidentiality and integrity. Public details show Metasploit modules targeting SYS.L...

5.5CVSS5.4AI score0.4181EPSS
CVE
CVE
added 2009/01/14 1:0 a.m.96 views

CVE-2008-3978

Oracle CVE-2008-3978 affects Oracle Database 10.1.0.5, specifically the Spatial component. The vulnerability is described as unspecified and exploitable by remote authenticated users, potentially impacting confidentiality and integrity via unknown vectors. The connected sources indicate Oracle’s ...

5.5CVSS5.4AI score0.01168EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.96 views

CVE-2008-3980

CVE-2008-3980 affects Oracle Database 10.1.0.5 and 10.2.0.3, specifically the Upgrade component. The vulnerability allows remote authenticated users to impact confidentiality and integrity via unknown vectors; the exact vectors/conditions are not detailed in the provided documents. Oracle’s Octob...

4.9CVSS5.4AI score0.00902EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.96 views

CVE-2008-3990

CVE-2008-3990 affects the Oracle OLAP component in Oracle Database 9.2.08, 9.2.0.8DV, and 10.1.0.5. The issue allows remote authenticated users to affect availability and is linked to OLAPSYS.CWM2_OLAP_AW_AWUTIL; it is a separate vulnerability from CVE-2008-3991. The connected documents confirm t...

4CVSS5.5AI score0.01176EPSS
CVE
CVE
added 2009/04/15 10:0 a.m.96 views

CVE-2009-0976

CVE-2009-0976 affects Oracle Database’s Workspace Manager component in versions 10.2.0.4 and 11.1.0.6 . The description notes an unspecified vulnerability that allows remote authenticated users to impact confidentiality and integrity , related to LTADM. Oracle issued the April 2009 Critical Patch...

5.5CVSS5.6AI score0.01444EPSS
CVE
CVE
added 2008/04/16 10:0 a.m.94 views

CVE-2008-1815

CVE-2008-1815: Affects Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.6 in the Change Data Capture (CDC) component. The vulnerability involves DBMS_CDC_UTILITY (DB02) with remote authenticated access; the impact is unspecified in the sources, and the exact root cause is not clearly defined. Oracl...

5.5CVSS6.4AI score0.01264EPSS
CVE
CVE
added 2009/01/14 1:0 a.m.94 views

CVE-2008-3997

CVE-2008-3997 describes an unspecified vulnerability in the Oracle OLAP component of Oracle Database 10.1.0.5 and 10.2.0.3, related to SYS.DBMS_XSOQ_ODBO, that allows a remote authenticated user to affect availability. The issue is evidenced by iDefense and Oracle CPU advisory references, which i...

4CVSS5.7AI score0.01176EPSS
CVE
CVE
added 2009/04/15 10:0 a.m.93 views

CVE-2009-0984

The CVE concerns Oracle Database Database Vault (versions 9.2.0.8DV, 10.2.0.4, 11.1.0.6). The vulnerability is described as unspecified but affects confidentiality and integrity via DBMS_SYS_SQL when exploited by remote authenticated users. Connected documents confirm this CVE is included in the ...

5.5CVSS5.6AI score0.01258EPSS
CVE
CVE
added 2008/04/16 10:0 a.m.90 views

CVE-2008-1820

CVE-2008-1820 affects Oracle Database Data Pump: vulnerable in versions 9.2.0.8, 10.1.0.5, 10.2.0.3, and 11.1.0.6. The impact is unspecified with remote vectors related to KUPF$FILE_INT, and there are researcher claims of a buffer overflow in SYS.KUPF$FILE_INT.GET_FULL_FILENAME; no confirmation o...

4CVSS6.4AI score0.02085EPSS
CVE
CVE
added 2009/01/14 1:0 a.m.89 views

CVE-2008-5436

CVE-2008-5436 affects the Oracle OLAP component in Oracle Database versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4. The vulnerability is described as an unspecified issue allowing remote authenticated users to affect integrity and availability via unknown vectors. The connected documents conf...

5.5CVSS5.6AI score0.01975EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.88 views

CVE-2008-2625

CVE-2008-2625 is an Oracle Database proxy-authentication bypass affecting the Core RDBMS. The connected sources describe an authentication bypass through TNS proxy login, allowing a new connection to impersonate an existing session without passwords. Affected products/versions cited include Oracl...

4CVSS5.8AI score0.02066EPSS
CVE
CVE
added 2009/04/15 10:0 a.m.88 views

CVE-2009-0973

CVE-2009-0973 affects Oracle Database 10.1.0.5 specifically the Cluster Ready Services component. The available data characterizes it as an unspecified vulnerability that could allow remote attackers to impact availability via unknown vectors. There are no exploitation details provided in the doc...

5CVSS6.1AI score0.02123EPSS
CVE
CVE
added 2008/10/14 9:0 p.m.86 views

CVE-2008-3989

CVE-2008-3989 describes an unspecified vulnerability in the Oracle Data Mining component of Oracle Database 10.2.0.3, related to DMSYS.ODM_MODEL_UTIL, that allows remote authenticated users to affect confidentiality, integrity, and availability. The connected material names Oracle’s October 2008 ...

6.5CVSS5.5AI score0.01167EPSS
CVE
CVE
added 2009/04/15 10:0 a.m.86 views

CVE-2009-0980

The CVE-2009-0980 entry concerns Oracle Database 10.2.0.3 and 11.1.0.6 with an unspecified vulnerability in the SQLX Functions component (related to AGGXQIMP). Affected software: Oracle Database 10.2.0.3 and 11.1.0.6, specifically the SQLX Functions. Root cause/details are not fully disclosed in ...

5.5CVSS5.7AI score0.01442EPSS
CVE
CVE
added 2008/07/15 11:0 p.m.57 views

CVE-2008-2595

CVE-2008-2595 : A pre-authentication denial-of-service vulnerability exists in Oracle Internet Directory (LDAP) within Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2. The issue is caused by a NULL pointer dereference when processing malformed LDAP requests, leading to a crash of the vu...

5CVSS8.6AI score0.11336EPSS