Lucene search
K
OracleDatabase Server

516 matches found

CVE
CVE
added 2008/07/15 11:0 p.m.99 views

CVE-2008-2605

CVE-2008-2605 affects Oracle Database 11.1.0.6 (Authentication, Oracle Net). It is a network-based issue requiring authentication, with impact limited to confidentiality (Partial) and no listed impact on integrity/availability in the provided sources. The vulnerability is addressed in the July 20...

4CVSS5.9AI score0.01285EPSS
CVE
CVE
added 2010/10/13 11:0 p.m.99 views

CVE-2010-2415

Oracle Database Change Data Capture (DBMS_CDC_PUBLISH) contains an SQL injection flaw in the CREATE_CHANGE_SET procedure. CVE-2010-2415 affects Oracle Database Server versions 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1. The vulnerability allows an attacker with EXECUTE privilege on SYS.DBMS_CDC_P...

4.9CVSS5.6AI score0.09736EPSS
CVE
CVE
added 2011/01/19 3:0 p.m.99 views

CVE-2010-4423

CVE-2010-4423 affects Oracle Database Server on Windows, specifically the Cluster Verify Utility component, with vulnerable installations including 10.2.0.4/10.2.0.5/11.1.0.7/11.2.0.1. The vulnerability is described as unspecified and enables local users to affect confidentiality, integrity, and ...

6.9CVSS5.7AI score0.00348EPSS
CVE
CVE
added 2011/07/20 10:36 p.m.99 views

CVE-2011-0816

The CVE-2011-0816 entry describes an unspecified vulnerability in Oracle Database Server’s CMDB Metadata & Instance APIs across multiple versions, with remote authenticated access potentially affecting confidentiality and integrity via unknown vectors. Connected sources confirm involvement of CMD...

5.5CVSS5.5AI score0.01448EPSS
CVE
CVE
added 2011/07/20 10:36 p.m.99 views

CVE-2011-0848

CVE-2011-0848 involves Oracle Database Server (versions 10.1.0.5, 10.2.0.3–10.2.0.5, 11.1.0.7, 11.2.0.1–11.2.0.2) and Oracle Enterprise Manager Grid Control (10.1.0.6, 10.2.0.5). The vulnerability lies in the Security Framework component and is described as an unspecified issue that allows remote...

6.8CVSS6AI score0.01845EPSS
CVE
CVE
added 2011/07/20 10:36 p.m.99 views

CVE-2011-2230

CVE-2011-2230 affects Oracle Database Server (Core RDBMS) across multiple major versions (10.1.0.5, 10.2.0.x, 11.1.0.x, 11.2.0.1). The vulnerability is described as unspecified and allows remote attackers to affect availability via unknown vectors. Exploitation status is not detailed in the provi...

5CVSS6.2AI score0.02027EPSS
CVE
CVE
added 2013/07/17 10:0 a.m.99 views

CVE-2013-3774

Oracle Database Server contains an unspecified vulnerability in the Network Layer component (CVE-2013-3774) affecting 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1, allowing remote attackers to compromise confidentiality, integrity, and availability via unknown vectors. Public re...

7.6CVSS6AI score0.02809EPSS
CVE
CVE
added 2018/04/19 2:0 a.m.99 views

CVE-2018-2841

The CVE-2018-2841 issue affects the Oracle Database Server Java VM component in versions 11.2.0.4, 12.1.0.2 and 12.2.0.1. According to the provided description, a low-privilege attacker with Create Session and Create Procedure privileges and network access via multiple protocols can compromise th...

8.5CVSS8.2AI score0.01802EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.98 views

CVE-2004-1363

CVE-2004-1363 : The provided data confirms a buffer overflow in the extproc component of Oracle 10g. An attacker can trigger remote code execution by manipulating environment variables in the library name, which are expanded after the length check. The vulnerability is described as enabling remot...

9.8CVSS9.7AI score0.09095EPSS
CVE
CVE
added 2010/07/13 10:7 p.m.98 views

CVE-2010-0902

CVE-2010-0902 affects Oracle Database Server’s OLAP component via Oracle Net (Create Session). Affected versions: 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, 11.2.0.1. The vulnerability is not remote unauthenticated (Requires authentication) but can impact confidentiality, integrity, and av...

6CVSS5.6AI score0.0132EPSS
CVE
CVE
added 2010/10/13 10:0 p.m.98 views

CVE-2010-2389

CVE-2010-2389 affects Oracle Database Server components and Fusion Middleware. The Perl component in Oracle Database Server versions 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5, and in Fusion Middleware 11.1.1.1.0 and 11.1.1.2.0, allows a local user to affect integrity via unknown vector...

1CVSS5.5AI score0.00287EPSS
CVE
CVE
added 2014/10/15 3:15 p.m.98 views

CVE-2014-6467

Technical details about CVE-2014-6467 are not provided in the supplied documents. Public information appears limited to the generic description; monitor for updates.

9CVSS5.7AI score0.02457EPSS
CVE
CVE
added 2020/01/15 4:33 p.m.98 views

CVE-2020-2515

CVE-2020-2515 affects Oracle Database Server’s Database Gateway for ODBC. Affected Oracle versions include 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. The vulnerability enables a low-privilege attacker with Create Session permission and OracleNet network access to read, modify, or delete data expo...

6CVSS4.7AI score0.00792EPSS
CVE
CVE
added 2023/07/18 8:17 p.m.98 views

CVE-2023-21949

CVE-2023-21949 affects Oracle Database Server, specifically the Advanced Networking Option . Affects versions 19.3–19.19 and 21.3–21.10. The vulnerability is exploitable by an unauthenticated attacker with network access via Oracle Net to compromise the Advanced Networking Option, potentially res...

3.7CVSS3.1AI score0.00383EPSS
CVE
CVE
added 2009/04/15 10:0 a.m.97 views

CVE-2009-0972

CVE-2009-0972 is associated with an unspecified vulnerability in the Workspace Manager component of Oracle Database (versions 11.1.0.6/11.1.0.7/10.2.0.3/10.2.0.4/10.1.0.5/9.2.0.8/9.2.0.8DV). The available documents identify the affected product area and that remote authenticated users could affec...

6.5CVSS5.7AI score0.01442EPSS
CVE
CVE
added 2011/01/19 3:0 p.m.97 views

CVE-2010-4420

CVE-2010-4420 affects Oracle Database with Database Vault (versions 10.2.0.3–10.2.0.5, 11.1.0.7, 11.2.0.1). The initial entry describes an unspecified local vulnerability affecting confidentiality and integrity via unknown vectors in the Database Vault component. Connected sources confirm the vul...

3.6CVSS5.5AI score0.00369EPSS
CVE
CVE
added 2011/07/20 10:36 p.m.97 views

CVE-2011-0879

CVE-2011-0879 refers to an Oracle vulnerability in the Oracle Enterprise Manager Grid Control/Instance Management component. The TeamSHATTER advisory describes a cross-site scripting (XSS) flaw on the metricDetail$type page that can be exploited remotely, potentially allowing an attacker to steal...

4.3CVSS6.1AI score0.01508EPSS
CVE
CVE
added 2011/07/20 10:36 p.m.97 views

CVE-2011-2232

CVE-2011-2232 affects Oracle Database Server XML Developer Kit. The vulnerable products include Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 11.1.0.7, 11.2.0.1 and Oracle Fusion Middleware 10.1.3.5. The issue is described as an unspecified vulnerability in the XML Developer Kit component ...

6CVSS5.7AI score0.01434EPSS
CVE
CVE
added 2007/11/08 9:0 p.m.96 views

CVE-2007-5897

Buffer overflow in Oracle Database Server (MDSYS.SDO_CS) allows remote authenticated users to crash the server and execute arbitrary code via the TRANSFORM function. Affected: Oracle 8iR3, 9iR1/2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4. Note: this CVE may be related to CVE-2007-5515, CVE-2007-550...

8.5CVSS7.3AI score0.03703EPSS
CVE
CVE
added 2010/10/13 11:0 p.m.96 views

CVE-2010-2419

CVE-2010-2419 targets Oracle Database Server’s Java VM component (versions 10.1.0.5, 10.2.0.4, 11.1.0.7, 11.2.0.1). A ZDI advisory describes a race condition in Oracle’s Java SecurityManager sandbox that can enable remote code execution when a Java stored procedure is created, requiring authentic...

6.5CVSS5.7AI score0.01732EPSS
CVE
CVE
added 2011/04/20 3:9 a.m.96 views

CVE-2011-0787

CVE-2011-0787 affects Oracle Database Server 11.1.0.7 and Oracle Enterprise Manager Grid Control, specifically the Application Service Level Management component. The vulnerability is described as unspecified, allowing remote authenticated users to affect confidentiality and integrity via unknown...

5.5CVSS5.2AI score0.01262EPSS
CVE
CVE
added 2011/04/20 3:9 a.m.96 views

CVE-2011-0805

Oracle Database Server UIX component vulnerability CVE-2011-0805 affects 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1. The issue is described as an unspecified remote vulnerability that can impact integrity via unknown vectors. Red Hat and Nessus references confirm the UIX component as affected. Th...

4.3CVSS6.2AI score0.01414EPSS
CVE
CVE
added 2011/07/20 10:36 p.m.96 views

CVE-2011-0835

Technical details about CVE-2011-0835 are not publicly available in the provided documents. The connected records reference Oracle Core RDBMS vulnerabilities in Oracle Database Server but do not specify affected versions, vectors, or fixes. Monitor for updates.

6.5CVSS5.7AI score0.01743EPSS
CVE
CVE
added 2011/07/20 10:36 p.m.96 views

CVE-2011-0880

Technical details for CVE-2011-0880 are not publicly available in the provided documents. Monitor for updates.

6.5CVSS5.7AI score0.01743EPSS
CVE
CVE
added 2011/07/20 10:36 p.m.96 views

CVE-2011-2238

Technical details about CVE-2011-2238 are not provided in the connected documents. The OpenVAS NASL entry and ENISA EUVD record list the vulnerability generically without specifics. Monitor for updates from official advisories.

4CVSS5.8AI score0.01301EPSS
CVE
CVE
added 2011/07/20 11:0 p.m.96 views

CVE-2011-2248

CVE-2011-2248 affects Oracle Database Server components (11.1.0.7, 11.2.x) and Oracle Enterprise Manager Grid Control; the issue is described as an unspecified vulnerability in the SQL Performance Advisories/UIs related area, with potential impact on confidentiality, integrity, and availability (...

6.8CVSS6.8AI score0.01176EPSS
CVE
CVE
added 2014/10/15 10:3 p.m.96 views

CVE-2014-6545

CVE-2014-6545 affects the Oracle Database Server Java VM component across versions 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2. The vulnerability is described as unspecified and accessible to remote authenticated users, impacting confidentiality, integrity, and availability via unknown v...

9CVSS5.7AI score0.02457EPSS
CVE
CVE
added 2015/04/16 4:0 p.m.96 views

CVE-2015-0457

CVE-2015-0457 concerns an unspecified vulnerability in the Java VM component of Oracle Database Server, affecting 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2. The description notes remote authenticated access could impact confidentiality, integrity, and availability via unknown vectors, ...

9CVSS5.7AI score0.0256EPSS
CVE
CVE
added 2021/04/22 12:0 a.m.96 views

CVE-2021-2173

CVE-2021-2173 affects Oracle Database Server Recovery component and is documented with affected Oracle versions (12.1.0.2, 12.2.0.1, 18c, 19c). The issue allows a high-privileged attacker with a DBA-level account and network access via Oracle Net to obtain unauthorized read access to Recovery dat...

4.1CVSS3.4AI score0.01372EPSS
CVE
CVE
added 2009/07/14 11:0 p.m.95 views

CVE-2009-1015

CVE-2009-1015 is an unspecified vulnerability in Oracle Database Core RDBMS affecting 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4. The vulnerability allows remote authenticated users to affect integrity via unknown vectors. Oracle’s July 2009 CPU addresses this and other fixes; affected products/v...

4CVSS5.7AI score0.01195EPSS
CVE
CVE
added 2009/10/22 6:0 p.m.95 views

CVE-2009-1972

CVE-2009-1972 affects Oracle Database Auditing: remote authenticated users could affect integrity via DBMS_SYS_SQL/DBMS_SQL in Oracle DB versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7. Root cause involves the Auditing component exposure in the Database and its SQL facilities. The v...

2.1CVSS5.6AI score0.01653EPSS
CVE
CVE
added 2011/04/20 3:9 a.m.95 views

CVE-2011-0806

CVE-2011-0806 affects Oracle Database Server on Windows (10gR1/10gR2/11gR1/11gR2, etc.) in the Network Foundation component. Multiple connected sources describe an unspecified vulnerability that can allow remote attackers to affect availability via unknown vectors. The vulnerability is linked to ...

5CVSS6.1AI score0.01701EPSS
CVE
CVE
added 2011/07/20 10:36 p.m.95 views

CVE-2011-0852

CVE-2011-0852 affects Oracle Database Server components (10.1.0.5, 10.2.0.3, 10.2.0.4) and Oracle Enterprise Manager Grid Control 10.1.0.6, via Audit Administration in the Security Management module. Affects confidentiality, integrity, and availability; vulnerabilities are described as unspecifie...

6.8CVSS6AI score0.01845EPSS
CVE
CVE
added 2020/01/15 4:33 p.m.95 views

CVE-2020-2518

CVE-2020-2518 is a vulnerability in the Oracle Database Server Java VM component affecting versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c. The issue allows a low-privileged attacker with Create Session privilege and network access via various protocols to take over the Java VM. The initial d...

7.5CVSS7AI score0.01256EPSS
CVE
CVE
added 2008/04/16 10:0 a.m.94 views

CVE-2008-1817

CVE-2008-1817 affects Oracle Database versions 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 with remote attack vectors in (1) SDO_IDX (Spatial) and (2) Core RDBMS (DB10). The issue is described as multiple unspecified vulnerabilities with unknown impact; Oracle’s CPU notes ...

9CVSS7AI score0.01707EPSS
CVE
CVE
added 2010/07/13 10:7 p.m.94 views

CVE-2010-0901

CVE-2010-0901 affects Oracle Database Server Export component (versions 9.2.0.8/9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, 11.2.0.1). The issue allows remote authenticated users to affect confidentiality via Unknown vectors related to Select Any Dictionary. The Oracle July 2010 CPU document lists C...

2.1CVSS5.3AI score0.01026EPSS
CVE
CVE
added 2010/10/13 10:0 p.m.94 views

CVE-2010-2411

CVE-2010-2411 affects Oracle Database Server (11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5) with a vulnerability in SYS.DBMS_IJOB that allows remote authenticated users to impact confidentiality, integrity and availability. The vulnerability is listed in the Oracle October 2010 CPU, which fix...

4.6CVSS5.8AI score0.01372EPSS
CVE
CVE
added 2011/04/20 3:9 a.m.94 views

CVE-2011-0793

CVE-2011-0793 affects Oracle Database Server, specifically the Database Vault component, with affected versions: 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1. The vulnerability is described as “unspecified” and a remote authenticated user could impact integrity and availability , with the...

3.6CVSS5.8AI score0.01053EPSS
CVE
CVE
added 2011/07/20 10:36 p.m.94 views

CVE-2011-0876

CVE-2011-0876 is an Oracle Enterprise Manager/Grid Control cross-site scripting vulnerability. TeamSHATTER reports XSS on the EM Grid Control console’s metricDetail$type page, affecting Grid Control 10.1.0.6 and 10.2.0.5, and Oracle Enterprise Manager control included in Oracle Database versions ...

4.3CVSS5.9AI score0.01495EPSS
CVE
CVE
added 2011/01/19 3:0 p.m.93 views

CVE-2010-4413

Oracle Database Server Scheduler Agent vulnerability (CVE-2010-4413) affects Oracle 11.1.0.7 and 11.2.0.1; remote authenticated users could impact confidentiality, integrity, and availability via unknown vectors. The connected sources indicate this CVE is among fixes in the January 2011 Oracle CP...

4.3CVSS5.7AI score0.01752EPSS
CVE
CVE
added 2011/04/20 3:9 a.m.93 views

CVE-2011-0804

CVE-2011-0804 affects Oracle Database Server via the Database Vault component across versions 10.2.0.3–11.2.0.2. The impact is confidentiality and integrity with unknown vectors and requires remote authenticated access (per CVE entry and NVD entry). Oracle’s April 2011 CPU advisory documents this...

3.6CVSS5.5AI score0.01017EPSS
CVE
CVE
added 2011/07/20 10:36 p.m.93 views

CVE-2011-0830

CVE-2011-0830 affects Oracle products: Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, and Oracle Enterprise Manager Grid Control 10.1.0.6, specifically the Event Management component, with the vulnerability linked to the Rules Management UI. The known issue allows remote attackers to impact...

4.3CVSS5.9AI score0.01567EPSS
CVE
CVE
added 2011/07/20 11:0 p.m.93 views

CVE-2011-2242

CVE-2011-2242 concerns Oracle Database Server core RDBMS components. The CVE describes an unspecified vulnerability in Oracle Database Server 11.2.0.1 and 11.2.0.2, local-access impact on confidentiality related to XML DB FTP. The core issue is within the Core RDBMS component (XML DB FTP pathway)...

1.3CVSS5.8AI score0.0028EPSS
CVE
CVE
added 2014/10/15 3:15 p.m.93 views

CVE-2014-6453

Technical details about CVE-2014-6453 are not publicly available in the provided documents; no specifics on affected product versions, root cause, or exploit info are given. Monitor for updates.

9CVSS5.7AI score0.02457EPSS
CVE
CVE
added 2015/01/21 3:0 p.m.93 views

CVE-2014-6577

CVE-2014-6577 is an Oracle Database Server issue affecting the XML Developer's Kit for C component. Versions 11.2.0.3/11.2.0.4/12.1.0.1/12.1.0.2 are affected. The vulnerability is described as an XML external entity (XXE) issue in the XML parser that could allow a remote, authenticated user to af...

6.8CVSS5.8AI score0.03528EPSS
CVE
CVE
added 2019/04/23 6:16 p.m.93 views

CVE-2019-2582

CVE-2019-2582 affects Oracle Database Server Core RDBMS. The Red Hat and NVD records describe an unauthenticated, network-accessible vulnerability via Oracle Net that can lead to read access to a subset of Core RDBMS data in affected versions 12.2.0.1 and 18c. The underlying cause and impact are ...

5.3CVSS4.9AI score0.01227EPSS
CVE
CVE
added 2021/04/22 12:0 a.m.93 views

CVE-2021-2175

The CVE-2021-2175 vulnerability affects Oracle Database Server’s Database Vault component. Affected are Oracle versions 12.1.0.2, 12.2.0.1, 18c, and 19c. An attacker with Create Any View or Select Any View privileges and network access via Oracle Net can obtain unauthorized read access to a subse...

4CVSS2.9AI score0.01654EPSS
CVE
CVE
added 2019/01/16 7:0 p.m.92 views

CVE-2019-2547

CVE-2019-2547 affects Oracle Database Server’s Java VM component. Affected versions are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. The vulnerability can be exploited by a low-privileged attacker with Create Session and Create Procedure privileges over network protocols; exploitation requires user inte...

3.5CVSS3.3AI score0.01033EPSS
CVE
CVE
added 2019/07/23 10:31 p.m.92 views

CVE-2019-2749

CVE-2019-2749 affects Oracle Database Server’s Java VM component. Affected releases include 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c. The vulnerability arises in the Java VM and can allow a low-privilege attacker with Create Session and Create Procedure privileges and network access (via multip...

6.8CVSS6.8AI score0.01089EPSS
CVE
CVE
added 2011/07/20 10:36 p.m.91 views

CVE-2011-0882

Technical details for CVE-2011-0882 are not publicly provided in the supplied documents. Monitor for updates from connected sources; no specific impact, affected product scope, or remediation available here.

6.8CVSS6AI score0.0183EPSS
Total number of security vulnerabilities516