Lucene search
+L
OracleDatabase Server

516 matches found

CVE
CVE
added 2001/07/27 4:0 a.m.49 views

CVE-2001-0515

CVE-2001-0515 concerns the Oracle Listener in Oracle 7.3 and 8i, where a remote attacker can cause a denial of service by sending a malformed connection packet with an excessively large offset_to_data value. The issue, characterized as part of a four-pronged set of Oracle Listener DoS vulnerabili...

5CVSS6.2AI score0.02079EPSS
CVE
CVE
added 2007/07/18 7:0 p.m.49 views

CVE-2007-3858

Oracle Database 10.2.0.3 is affected by multiple unspecified vulnerabilities that allow remote authenticated users to impact via (1) EXFSYS.DBMS_RLMGR_UTL in Rules Manager (DB11) and (2) Program Interface (DB13). The exact impact, affected subcomponents, and root cause details are not specified i...

7.5CVSS6.2AI score0.04133EPSS
CVE
CVE
added 2006/10/18 1:0 a.m.48 views

CVE-2006-5341

CVE-2006-5341 affects Oracle Database XMLDB component (versions 9.2.0.8, 10.1.0.5, 10.2.0.2). Reports describe two SQL injection vulnerabilities, DB14 in PITRIG_DROP/PITRIG_DROPMETADATA (XDB_PITRIG_PKG) and DB15 in DISABLE_HIERARCHY_INTERNAL (DBMS_XDBZ), exploitable by a remote, authenticated att...

9CVSS7.2AI score0.03405EPSS
CVE
CVE
added 2006/10/18 1:0 a.m.48 views

CVE-2006-5343

This CVE (CVE-2006-5343) concerns Oracle Database Server 10.1.0.3, specifically the Database Scheduler component. The available description states an unspecified vulnerability in sys.dbms_scheduler with unknown impact and remote authenticated attack vectors. No concrete exploit details, affected ...

9CVSS5.7AI score0.03422EPSS
CVE
CVE
added 2007/10/17 11:0 p.m.48 views

CVE-2007-5508

CVE-2007-5508 concerns the CTXSYS Intermedia/Oracle Text component (CTX_DOC) in Oracle Database 10.1.0.5 and 10.2.0.3. The vulnerability enables SQL injection via six procedures (THEMES, GIST, TOKENS, FILTER, HIGHLIGHT, MARKUP), with remote authenticated users able to execute arbitrary SQL comman...

6.5CVSS7.7AI score0.05158EPSS
CVE
CVE
added 2007/03/14 12:0 a.m.45 views

CVE-2007-1442

CVE-2007-1442 describes a local privilege escalation in Oracle Database 10g caused by passing a NULL pDacl parameter to SetSecurityDescriptorDacl when creating discretionary access control lists (DACLs). This can allow local users to gain privileges. The description and connected records confirm ...

7.2CVSS6.3AI score0.00494EPSS
CVE
CVE
added 2026/05/28 8:17 p.m.42 views

CVE-2026-46834

The CVE-2026-46834 entry concerns Oracle Database Server’s Net Service component. Affected versions are 23.4.0 through 23.26.2. The vulnerability is remotely exploitable by an unauthenticated attacker over TLS, enabling a hang or frequent crash of Net Service (complete DOS) as described in the so...

7.5CVSS5.8AI score0.00274EPSS
CVE
CVE
added 2026/05/28 8:17 p.m.40 views

CVE-2026-46835

The CVE-2026-46835 entry concerns Oracle Database Server’s Net Service component. Affected are Oracle versions 23.4.0 through 23.26.2. An unauthenticated attacker who can access the Net Service over TLS can cause the Net Service to hang or crash, resulting in a complete denial of service. The doc...

7.5CVSS5.8AI score0.00274EPSS
CVE
CVE
added 2025/07/15 7:27 p.m.37 views

CVE-2025-50070

CVE-2025-50070 affects Oracle Database Server JDBC: vulnerable in JDBC component for Oracle Database Server versions 23.4–23.8. Root cause as described is a vulnerability in JDBC that can enable a low-privileged, authenticated OS user with logon to the infrastructure where JDBC runs to access JDB...

5.3CVSS6AI score0.00118EPSS
CVE
CVE
added 2026/04/21 8:35 p.m.36 views

CVE-2026-34312

The CVE-2026-34312 entry concerns Oracle Database Server's RDBMS component with affected versions 19.3–19.30. It describes a vulnerability that an attacker with Row Access Method privilege and network access via multiple protocols can exploit to achieve unauthorized read access to a subset of RDB...

2.4CVSS5.7AI score0.00201EPSS
CVE
CVE
added 2025/07/15 7:27 p.m.26 views

CVE-2025-30750

CVE-2025-30750 affects Oracle Database Server Unified Audit. Affected versions: 19.3–19.27, 21.3–21.18, 23.4–23.8. High-privileged attacker with Create User privilege and network access via Oracle Net can compromise Unified Audit; exploitation requires user interaction and may allow unauthorized ...

2.4CVSS4.8AI score0.00232EPSS
CVE
CVE
added 2025/07/15 7:27 p.m.26 views

CVE-2025-50066

CVE-2025-50066 affects the Oracle Database Server’s Materialized View component. Affected versions are 19.3–19.27, 21.3–21.18, and 23.4–23.8. An attacker with Execute on DBMS_REDEFINITION and network access via Oracle Net can exploit this to gain unauthorized update/insert/delete access to data i...

2.7CVSS5.2AI score0.00256EPSS
CVE
CVE
added 2026/01/20 9:56 p.m.22 views

CVE-2026-21939

Oracle Database Server SQLcl component vulnerability CVE-2026-21939 affects versions 23.4.0–23.26.0. An unauthenticated attacker with local logon and required user interaction can compromise SQLcl, potentially taking over the SQLcl process. Connected sources (Oracle Jan 2026 CPU, Red Hat advisori...

7CVSS5.4AI score0.00172EPSS
CVE
CVE
added 2025/10/21 8:2 p.m.16 views

CVE-2025-53047

CVE-2025-53047 affects Oracle Database Server’s Portable Clusterware. Affected versions are 19.3–19.28, 21.3–21.19, and 23.4–23.9. The issue allows an unauthenticated attacker with network access via Bonjour to read data from Portable Clusterware. The vulnerability is specifically tied to Portabl...

5.8CVSS5AI score0.00297EPSS
CVE
CVE
added 2025/10/21 8:3 p.m.15 views

CVE-2025-61749

CVE-2025-61749 affects the Unified Audit component of Oracle Database Server (versions 23.4–23.9). The issue allows a high-privilege attacker with DBA privileges and network access via Oracle Net to compromise Unified Audit, potentially enabling unauthorized update, insert, or delete of some data...

2.7CVSS4.4AI score0.00254EPSS
CVE
CVE
added 2025/10/21 8:2 p.m.14 views

CVE-2025-53051

CVE-2025-53051 affects Oracle Database Server’s RDBMS Functional Index component, with affected versions 23.4–23.9. The vulnerability enables a high-privilege SYSDBA attacker, with network access via Oracle Net, to read a subset of RDBMS Functional Index data. The CVSS base score is 2.7 (LOW) wit...

2.7CVSS4.1AI score0.00284EPSS
Total number of security vulnerabilities516