Lucene search
K
OracleDatabase Server

516 matches found

CVE
CVE
added 2007/04/18 6:0 p.m.64 views

CVE-2007-2117

CVE-2007-2117 concerns Oracle Text in Oracle Database 9.0.1.5+ and 9.2.0.5; the note from 2007 CPU claims a buffer overflow in the ctxsrv server daemon, but the impact and exploit details are not publicly provided in the supplied documents. No remediation/patch details are specified here.

6.8CVSS6.7AI score0.00563EPSS
CVE
CVE
added 2009/10/22 6:0 p.m.64 views

CVE-2009-1992

CVE-2009-1992 affects Oracle Database Core RDBMS components (versions 9.2.0.8, 10.1.0.5, 10.2.0.4). The vulnerability allows remote attackers to impact confidentiality, integrity, and availability via unknown vectors. The issue is listed in the Oracle October 2009 CPU with a Base Score of 10.0 (C...

10CVSS6AI score0.04222EPSS
CVE
CVE
added 2009/10/22 6:0 p.m.64 views

CVE-2009-1993

CVE-2009-1993 affects Oracle Application Express (Apex) within Oracle Database 3.0.1. The vulnerability allows remote authenticated users to affect confidentiality and integrity through FLOWS_030000.WWV_EXECUTE_IMMEDIATE. The October 2009 CPU includes a fix for this, as part of the Oracle Databas...

5.5CVSS5.4AI score0.01964EPSS
CVE
CVE
added 2010/01/13 1:0 a.m.64 views

CVE-2009-3415

Concrete details available: CVE-2009-3415 is listed in Oracle CPU January 2010 as affecting Oracle OLAP within Oracle Database 9.2.0.8/9.2.0.8DV, 10.1.0.5 and 10.2.0.3. The vulnerability is mapped to Oracle OLAP with remote impact pathway requiring an authenticated session (Remote Exploit without...

9CVSS5.6AI score0.02575EPSS
CVE
CVE
added 2010/04/13 10:0 p.m.64 views

CVE-2010-0870

CVE-2010-0870 affects Oracle Database 9.2.0.8 and 9.2.0.8DV in the Change Data Capture component, related to SYS.DBMS_CDC_PUBLISH. Connected sources describe a SQL injection flaw in the DBMS_CDC_PUBLISH.DROP_CHANGE_SOURCE procedure that can be exploited by any user with execute privilege (default...

3.6CVSS5.6AI score0.12555EPSS
CVE
CVE
added 2012/07/17 10:0 p.m.64 views

CVE-2012-1747

CVE-2012-1747 affects Oracle Database Server on Windows (versions 10.2.0.3/10.2.0.4/10.2.0.5/11.1.0.7/11.2.0.2/11.2.0.3). The Network Layer component is implicated in an unspecified vulnerability that allows remote attackers to impact availability via unknown vectors (distinct from CVE-2012-1746)...

5CVSS6.2AI score0.01659EPSS
CVE
CVE
added 2013/04/17 12:10 p.m.64 views

CVE-2013-1554

CVE-2013-1554 affects Oracle Database Server (versions 10.2.0.4/10.2.0.5/11.1.0.7/11.2.0.2/11.2.0.3) with an unspecified vulnerability in the Network Layer component that could allow remote attackers to impact availability via unknown vectors. The risk is described as a network-exposed issue with...

5CVSS6.1AI score0.01659EPSS
CVE
CVE
added 2014/01/15 12:30 a.m.64 views

CVE-2013-5764

CVE-2013-5764 affects Oracle Database Server’s Core RDBMS in versions 11.1.0.7, 11.2.0.3, and 12.1.0.1. The vulnerability is described as unspecified and allows remote authenticated users to impact availability via unknown vectors. Root cause and exact exploit details are not provided in the init...

3.5CVSS5.7AI score0.012EPSS
CVE
CVE
added 2014/10/15 3:15 p.m.64 views

CVE-2014-6452

Technical details for CVE-2014-6452 are not publicly provided in the connected documents; no explicit affected products, root cause, impact, or remediation are given here. Monitor for updates.

4CVSS5.5AI score0.014EPSS
CVE
CVE
added 2018/01/18 2:0 a.m.64 views

CVE-2018-2575

CVE-2018-2575 concerns Oracle Database Server — Core RDBMS component. Affects Windows platforms for the following Oracle Database versions: 11.2.0.4, 12.1.0.2, and 12.2.0.1. The vulnerability is exploitable by a user with Local Logon privilege who can access the system over multiple network proto...

2.1CVSS2.8AI score0.00891EPSS
CVE
CVE
added 2005/01/06 5:0 a.m.63 views

CVE-2004-1339

CVE-2004-1339 affects Oracle 9i and 10g via two default triggers (MDSYS.SDO_GEOM_TRIG_INS1 and MDSYS.SDO_LRS_TRIG_INS). The vulnerability is a SQL injection that allows remote attackers to execute arbitrary SQL commands through the new.table_name or new.column_name parameters within those trigger...

6.5CVSS8.3AI score0.01477EPSS
CVE
CVE
added 2005/02/10 5:0 a.m.63 views

CVE-2005-0298

CVE-2005-0298 concerns Oracle 8i–10g DIRECTORY objects that expose the location of a specific operating system directory. Read access to such a DIRECTORY object can allow a user to obtain sensitive information about the OS directory path, indicating a potential information-disclosure risk. The pr...

5CVSS6.2AI score0.01965EPSS
CVE
CVE
added 2005/11/02 11:0 a.m.63 views

CVE-2005-3446

Technical details for CVE-2005-3446 are not publicly available in the provided documents. Monitor for updates.

10CVSS9AI score0.05144EPSS
CVE
CVE
added 2008/01/17 10:0 p.m.63 views

CVE-2008-0341

The CVE-2008-0341 entry concerns Oracle Database’s Advanced Queuing component in versions 9.0.1.5 FIPS+ and 10.1.0.5, described as an unspecified vulnerability with unknown impact and remote attack vectors (DB03). Connected sources corroborate a family of unspecified Oracle Database vulnerabiliti...

10CVSS6.2AI score0.03441EPSS
CVE
CVE
added 2009/10/22 6:0 p.m.63 views

CVE-2009-1971

CVE-2009-1971 affects Oracle Database Data Pump in 10.1.0.5, 10.2.0.3, and 11.1.0.7. Root cause and vectors are not described in the Initial Document, but the vulnerability allows remote authenticated users to affect integrity via unknown vectors. The issue is acknowledged in the Oracle October 2...

3.5CVSS5.5AI score0.01618EPSS
CVE
CVE
added 2010/04/13 10:0 p.m.63 views

CVE-2010-0851

CVE-2010-0851 affects the Oracle Database XML DB component. The vulnerability exists in Oracle Database versions 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3, caused by an unspecified issue that allows remote authenticated users to affect confidentiality via unknown vectors. The connected documents...

4CVSS5.5AI score0.01971EPSS
CVE
CVE
added 2012/07/17 10:0 p.m.63 views

CVE-2012-1745

CVE-2012-1745 affects Oracle Database Server (versions 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3) in the Network Layer. The vulnerability is described as unspecified and allows remote attackers to affect availability via unknown vectors. The cited sources do not provide a concret...

5CVSS6.2AI score0.01834EPSS
CVE
CVE
added 2012/10/16 11:0 p.m.63 views

CVE-2012-3146

CVE-2012-3146 affects Oracle Database Server Core RDBMS components across multiple versions (10.2.0.x to 11.2.0.x). The vulnerability is described as unspecified and exploitable by remote authenticated users to impact integrity via unknown vectors. The linked documents indicate this CVE is includ...

2.1CVSS5.7AI score0.00994EPSS
CVE
CVE
added 2013/07/17 10:0 a.m.63 views

CVE-2013-3789

CVE-2013-3789 affects Oracle Database Server Core RDBMS. Affected are Oracle Database Server versions 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3. The vulnerability is described as unspecified but allows remote authenticated users to impact confidentiality, integrity, and availability vi...

6.5CVSS5.7AI score0.01936EPSS
CVE
CVE
added 2013/10/16 3:0 p.m.63 views

CVE-2013-5771

CVE-2013-5771 concerns Oracle Database Server XML Parser vulnerabilities in Oracle Database Server versions 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1. The issue, described as an unspecified vulnerability in the XML Parser component, could allow remote attackers to affect confidentiality and avai...

6.4CVSS6AI score0.02463EPSS
CVE
CVE
added 2016/10/25 2:0 p.m.63 views

CVE-2016-5499

Technical details about CVE-2016-5499 are not provided in the supplied documents; no affected product versions, root cause, or remediation are disclosed. Monitor for updates.

3.3CVSS3.5AI score0.00377EPSS
CVE
CVE
added 2006/01/18 11:0 a.m.62 views

CVE-2006-0286

The CVE-2006-0286 entry concerns Oracle HTTP Server in Oracle Database Server (various versions). The connected documents identify an unspecified vulnerability with unspecified impact/attack vectors (Oracle Vuln# OHS01) and reference multiple advisories noting potential information disclosure and...

10CVSS9.1AI score0.05897EPSS
CVE
CVE
added 2006/02/04 2:0 a.m.62 views

CVE-2006-0549

Technical details about CVE-2005-0549 are not publicly available in the provided connected documents. Monitor for updates from Oracle advisories and vulnerability databases before drawing conclusions about impact or remediation.

7.5CVSS7.6AI score0.08475EPSS
CVE
CVE
added 2006/10/18 1:0 a.m.62 views

CVE-2006-5344

The CVE-2006-5344 issue concerns a buffer overflow in the Oracle Spatial component (SDO_CS.TRANSFORM_LAYER) of Oracle Database, exploitable by an authenticated user with EXECUTE privileges. Public details indicate the vulnerability affects Oracle Database 9.2.0.1 and 10.1.0.2, where crafting a ca...

9CVSS7.4AI score0.03598EPSS
CVE
CVE
added 2007/01/17 2:0 a.m.62 views

CVE-2007-0274

CVE-2007-0274 affects Oracle Database 9.2.0.7 and 10.1.0.5. The Connected document notes buffer overflow issues in DBMS_LOGREP_UTIL.GET_OBJECT_NAME (DB08) and in SYS.DBMS_CAPTURE_ADM_INTERNAL procedures CREATE_CAPTURE, ALTER_CAPTURE, and ABORT_TABLE_INSTANTIATION (DB09). The exact impact and atta...

6.5CVSS7AI score0.03556EPSS
CVE
CVE
added 2009/10/22 6:0 p.m.62 views

CVE-2009-1964

CVE-2009-1964 affects Oracle Database 10.2.0.4 Workspace Manager. Description: an unspecified vulnerability that allows remote authenticated users to impact confidentiality and integrity via unknown vectors. CVSS (NVD) indicates network access with low complexity and partial confidentiality/integ...

5.5CVSS5.3AI score0.02219EPSS
CVE
CVE
added 2012/05/03 5:18 p.m.62 views

CVE-2012-0511

CVE-2012-0511 refers to an unspecified vulnerability in the OCI component of Oracle Database Server (versions 10.2.0.3/10.2.0.4/11.1.0.7) that allows remote attackers to impact confidentiality and integrity via unknown vectors. Connected advisories reveal concrete details: the OCIPasswordChange A...

6.4CVSS5.9AI score0.01379EPSS
CVE
CVE
added 2014/04/16 1:0 a.m.62 views

CVE-2014-2408

CVE-2014-2408 affects Oracle Database Server 11.1.0.7, 11.2.0.3/4, and 12.1.0.1, targeting the Core RDBMS component. The vulnerability is described as using unknown vectors related to the Grant Any Object Privilege and can potentially impact confidentiality and integrity when accessed by remote, ...

6.6CVSS5.3AI score0.01597EPSS
CVE
CVE
added 2014/10/15 3:15 p.m.62 views

CVE-2014-4298

CVE-2014-6542 is an Oracle Database Server vulnerability affecting the SQLJ component in versions 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, 12.1.0.2 . The issue allows remote authenticated users to affect confidentiality via unknown vectors. This is described as a separate vulnerability from CVE-20...

4CVSS5.5AI score0.014EPSS
CVE
CVE
added 2014/10/15 10:3 p.m.62 views

CVE-2014-6544

CVE-2014-6544 corresponds to an unspecified vulnerability in the JDBC component of Oracle Database Server (versions 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1). The description notes remote authenticated access affecting confidentiality and integrity via unknown vectors, and explicitly states it is a...

3.6CVSS5.6AI score0.01187EPSS
CVE
CVE
added 2005/08/16 4:0 a.m.61 views

CVE-2004-2345

Oracle9i Database Server versions 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 are affected by unknown local vulnerabilities that allow a user with SQL access to cause a denial of service or to obtain sensitive information. The available documents confirm the affected product versions and the general i...

6.5CVSS7.6AI score0.01441EPSS
CVE
CVE
added 2005/10/14 4:0 a.m.61 views

CVE-2005-3206

CVE-2005-3206 affects iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 (9.0.2.4). The issue enables remote attackers to cause a denial of service by sending an HTTP request with an sid parameter containing a STOP command, which can stop the TNS listener. The available connected documen...

5CVSS6.7AI score0.21549EPSS
CVE
CVE
added 2006/04/20 10:0 a.m.61 views

CVE-2006-1875

CVE-2006-1875 concerns Oracle Database Server versions 9.0.1.5, 9.2.0.7, and 10.1.0.5 with an unspecified vulnerability in the Oracle Spatial component (aka Vuln# DB11). The connected sources indicate the issue has unknown impact and attack vectors in Spatial, and note a researcher claim that the...

10CVSS6.9AI score0.02915EPSS
CVE
CVE
added 2006/04/20 10:0 a.m.61 views

CVE-2006-1877

Technical details about CVE-2006-1877 are not provided in the supplied documents. The Oracle Spatial vulnerability is described as unspecified with unknown impact and vectors.

7.2CVSS5.9AI score0.01447EPSS
CVE
CVE
added 2006/10/18 1:0 a.m.61 views

CVE-2006-5336

Technical details for CVE-2006-5336 are not publicly provided in the connected documents; no affected products, versions, or fixes are specified here. Monitor for updates.

9CVSS7AI score0.02777EPSS
CVE
CVE
added 2006/10/18 1:0 a.m.61 views

CVE-2006-5345

CVE-2006-5345 is an unspecified vulnerability in the Oracle Spatial component of Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.4. The entry notes remote authenticated attack vectors related to mdsys.sdo_geom and cites a possible relation to a length-checking issue in RELATE before MD2.RELATE is ca...

9CVSS5.7AI score0.03092EPSS
CVE
CVE
added 2007/01/17 2:0 a.m.61 views

CVE-2007-0269

CVE-2007-0269 affects Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3. The description specifies an unspecified vulnerability with unknown impact and attack vectors linked to Change Data Capture and the sys.dbms_cdc_subscribe privileges (aka DB02). The connected documents provide no concrete expl...

5.5CVSS5.9AI score0.01264EPSS
CVE
CVE
added 2007/04/18 6:0 p.m.61 views

CVE-2007-2114

CVE-2007-2114 refers to multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.2, specifically affecting Change Data Capture (CDC, DB08) and Oracle Instant Client (DB11). The description notes reliable claims that these issues are buffer overflows involving a long CHANGE_TABL...

9CVSS6.5AI score0.05899EPSS
CVE
CVE
added 2007/10/17 11:0 p.m.61 views

CVE-2007-5507

CVE-2007-5507 concerns the Oracle Net Services GIOP service on the TNS Listener. The vulnerability, affecting Oracle Database 9.0.1.5+ and certain 9.x/10.x releases, arises when handling a connect GIOP packet with an invalid data size, causing a buffer over-read. This can allow remote attackers t...

6.4CVSS6.5AI score0.0276EPSS
CVE
CVE
added 2012/07/17 10:0 p.m.61 views

CVE-2012-1746

CVE-2012-1746 concerns an unspecified vulnerability in the Oracle Database Server Network Layer on Windows, affecting versions 10.2.0.3/10.2.0.4/10.2.0.5/11.1.0.7/11.2.0.2/11.2.0.3. The vulnerability allows remote attackers to affect availability via unknown vectors; root cause details and exploi...

5CVSS6.2AI score0.0251EPSS
CVE
CVE
added 2012/10/16 11:0 p.m.61 views

CVE-2012-1751

CVE-2012-1751 affects Oracle Database Server Core RDBMS (11.1.0.7, 11.2.0.2, 11.2.0.3). The vulnerability is triggered by SQL injection when renaming a flashback-enabled table (flashback archive) via specially crafted table name, allowing remote authenticated attackers to elevate privileges and p...

6.5CVSS5.6AI score0.01593EPSS
CVE
CVE
added 2013/10/16 3:0 p.m.61 views

CVE-2013-3826

CVE-2013-3826 is mapped to Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 under the Core RDBMS component. The description indicates an unspecified vulnerability allowing remote attackers to affect confidentiality via unknown vectors. The NVD entry assigns a CVSS v2 base score o...

5CVSS6AI score0.01408EPSS
CVE
CVE
added 2014/10/15 10:3 p.m.61 views

CVE-2014-6542

Technical details for CVE-2014-6542 are not publicly provided in the connected documents. The sources lack explicit affected components, versions, root cause, or fixes. Monitor for updates.

4CVSS5.5AI score0.014EPSS
CVE
CVE
added 2008/01/17 10:0 p.m.60 views

CVE-2008-0342

The CVE-2008-0342 entry affects Oracle Database Upgrade/Downgrade component in Oracle Database versions 9.2.0.8, 10.1.0.5, and 10.2.0.3. The vulnerability is described as unspecified with unknown impact and remote attack vectors (DB05). No explicit root-cause, exploit details, or remediation are ...

10CVSS6.3AI score0.03441EPSS
CVE
CVE
added 2009/10/22 6:0 p.m.60 views

CVE-2009-1994

CVE-2009-1994 is an Oracle Database 10.1.0.5 vulnerability in the Spatial component (MDSYS.PRVT_CMT_CBK). The issue is listed under the October 2009 CPU with CVSS v2 base score 6.5 (MEDIUM). It can be triggered by an authenticated remote user via Oracle Net to execute code on MDSYS.PRVT_CMT_CBK, ...

6.5CVSS5.5AI score0.02271EPSS
CVE
CVE
added 2009/10/22 6:0 p.m.60 views

CVE-2009-1995

CVE-2009-1995 is an Oracle Database vulnerability affecting the Advanced Queuing component (SYS.DBMS_AQ_INV) in Oracle Database 10.2.0.4 and 11.1.0.7. The issue allows remote authenticated users to impact confidentiality and integrity. The connected documents indicate this CVE was addressed in th...

4.9CVSS5.4AI score0.01829EPSS
CVE
CVE
added 2010/01/13 1:0 a.m.60 views

CVE-2009-3411

CVE-2009-3411 (Oracle Data Pump) affects Oracle Database components including Data Pump across multiple versions (11.1.0.7; 10.2.0.3/0.4; 10.1.0.5; 9.2.0.8/9.2.0.8DV). The vulnerability allows remote authenticated users to impact confidentiality and integrity via unknown vectors due to an unspeci...

4.9CVSS5.4AI score0.01376EPSS
CVE
CVE
added 2012/05/03 5:18 p.m.60 views

CVE-2012-0534

CVE-2012-0534 affects Oracle Database Server (RDBMS Core) versions 10.2.0.3/10.2.0.4/10.2.0.5/11.1.0.7/11.2.0.2/11.2.0.3. Description: an unspecified vulnerability in the RDBMS Core allows remote authenticated users to affect integrity via unknown vectors related to Create Session. Impact: partia...

4CVSS5.5AI score0.01105EPSS
CVE
CVE
added 2014/10/15 3:15 p.m.60 views

CVE-2014-4300

Technical details are not publicly available in the provided documents for CVE-2014-4300; no specifics on affected products, versions, vectors, or impact are given. Monitor for updates.

4CVSS5.5AI score0.014EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.60 views

CVE-2019-2939

CVE-2019-2939 affects Oracle Database Server’s Core RDBMS component. Affected versions include 12.2.0.1, 18c, and 19c. The vulnerability allows a low-privileged attacker with Create Session privilege and network access via OracleNet to compromise Core RDBMS, potentially leading to unauthorized re...

5CVSS4.2AI score0.01129EPSS
Total number of security vulnerabilities516