Lucene search
+L
OracleDatabase Server19.3

24 matches found

cve
cve
added 2024/02/17 1:49 a.m.694 views

CVE-2024-20903

CVE-2024-20903 affects Oracle Database Server Java VM component. Affected versions are 19.3–19.21 and 21.3–21.12. The vulnerability allows a low-privileged attacker with Create Session and Create Procedure privileges and network access via Oracle Net to compromise the Java VM, potentially leading...

6.5CVSS6.6AI score0.00416EPSS
cve
cve
added 2023/10/17 9:2 p.m.381 views

CVE-2023-22074

CVE-2023-22074 affects Oracle Database Server, specifically the Database Sharding component. Affected versions are 19.3–19.20 and 21.3–21.11. The root issue allows a highly privileged attacker (needs Create Session and Select Any Dictionary) with network access via Oracle Net, plus user interacti...

2.4CVSS2.5AI score0.00887EPSS
cve
cve
added 2023/10/17 9:2 p.m.379 views

CVE-2023-22075

CVE-2023-22075 affects Oracle Database Server, specifically the Database Sharding component. Affected versions are 19.3–19.20 and 21.3–21.11. The issue arises from insufficient input validation in Oracle Database Sharding, enabling a high-privilege user with network access via Oracle Net to cause...

2.4CVSS2.5AI score0.00395EPSS
cve
cve
added 2023/10/17 9:2 p.m.355 views

CVE-2023-22071

CVE-2023-22071 affects Oracle Database Server, specifically the PL/SQL component. Affected versions are 19.3–19.20 and 21.3–21.11. The vulnerability allows a high-privileged attacker with Create Session and Execute on sys.utl_http and network access via Oracle Net to compromise PL/SQL. Exploitati...

5.9CVSS5.1AI score0.00312EPSS
cve
cve
added 2023/10/17 9:2 p.m.352 views

CVE-2023-22077

CVE-2023-22077 affects Oracle Database Server’s Recovery Manager. Affected: Oracle Database versions 19.3–19.20 and 21.3–21.11. The flaw allows a high-privilege attacker with a DBA role and network access via Oracle Net to cause a hang or frequent crash of Recovery Manager (denial of service). CV...

4.9CVSS4.7AI score0.0058EPSS
cve
cve
added 2023/10/17 9:3 p.m.345 views

CVE-2023-22096

CVE-2023-22096 affects Oracle Database Server, Java VM component. Affected: Oracle Database Server versions 19.3–19.20 and 21.3–21.11. Description states that a low-privileged attacker with Create Session and Create Procedure privileges and network access via Oracle Net can compromise the Java VM...

4.3CVSS3.7AI score0.00375EPSS
cve
cve
added 2023/10/17 9:2 p.m.342 views

CVE-2023-22073

CVE-2023-22073 affects Oracle Database Server’s Oracle Notification Server component. Affected versions are 19.3–19.20 and 21.3–21.11. The vulnerability allows an unauthenticated attacker with access to the physical network segment to compromise Oracle Notification Server and read a subset of dat...

4.3CVSS3.5AI score0.00333EPSS
cve
cve
added 2024/07/16 10:40 p.m.120 views

CVE-2024-21184

CVE-2024-21184 relates to the Oracle Database Server, specifically the RDBMS Security component. Connected sources confirm affected software: Oracle Database Server versions 19.3–19.23 with a privilege-management flaw that can be exploited by a high-privilege attacker who has Execute on SYS.XS_DI...

7.2CVSS6.7AI score0.00529EPSS
cve
cve
added 2024/07/16 10:39 p.m.101 views

CVE-2024-21126

CVE-2024-21126 affects Oracle Database Server’s portable clusterware component. The issue stems from insufficient input validation in Oracle Database Portable Clusterware, allowing an unauthenticated attacker with network access via DNS to compromise the component and potentially cause a partial ...

5.8CVSS5.3AI score0.00493EPSS
cve
cve
added 2023/07/18 8:17 p.m.98 views

CVE-2023-21949

CVE-2023-21949 affects Oracle Database Server, specifically the Advanced Networking Option . Affects versions 19.3–19.19 and 21.3–21.10. The vulnerability is exploitable by an unauthenticated attacker with network access via Oracle Net to compromise the Advanced Networking Option, potentially res...

3.7CVSS3.1AI score0.00383EPSS
cve
cve
added 2024/04/16 9:26 p.m.89 views

CVE-2024-21058

CVE-2024-21058 affects Oracle Database Server’s Unified Audit component. Affected: Oracle Database Server versions 19.3–19.22 and 21.3–21.13 . Root cause described as insufficient input validation in the Unified Audit path (per connected PT Security entry). A highly privileged attacker with SYSDB...

4.9CVSS6.5AI score0.00411EPSS
cve
cve
added 2024/04/16 9:26 p.m.85 views

CVE-2024-21066

CVE-2024-21066 affects Oracle Database Server RDBMS component. Affected versions are 19.3–19.22 and 21.3–21.13. The issue allows a high-privileged, authenticated user with logon access to compromise the RDBMS, with human interaction required. Exploitation is described as feasible by an authentica...

4.2CVSS5.3AI score0.0025EPSS
cve
cve
added 2024/07/16 10:40 p.m.84 views

CVE-2024-21174

CVE-2024-21174 affects Oracle Database Server's Java VM component across 19.3–19.23, 21.3–21.14, and 23.4. The root cause is improper resource clearance/release in the Java VM, allowing a low-privileged attacker with Create Session and Create Procedure privileges and network access via Oracle Net...

3.1CVSS2.6AI score0.00318EPSS
cve
cve
added 2023/07/18 8:18 p.m.81 views

CVE-2023-22052

CVE-2023-22052 affects Oracle Database Server under the Java VM component. Affected versions are 19.3–19.19 and 21.3–21.10. The issue arises from insufficient input validation in the Java VM, enabling a low-privileged attacker with Create Session and Create Procedure privileges (and network acces...

3.1CVSS2.5AI score0.00346EPSS
cve
cve
added 2024/04/16 9:25 p.m.75 views

CVE-2024-20995

The CVE refers to Oracle Database Sharding in Oracle Database Server. Affected: Oracle Database Server 19.3–19.22 and 21.3–21.13. Root cause: insufficient input validation in the Oracle Database Sharding component. Impact: high-privileged DBA with network access via Oracle Net can cause partial d...

2.4CVSS5.4AI score0.00532EPSS
cve
cve
added 2023/07/18 8:18 p.m.72 views

CVE-2023-22034

The CVE-2023-22034 issue affects Oracle Database Server Unified Audit component. Affected versions are 19.3–19.19 and 21.3–21.10. The root cause is described as insufficient input validation, enabling a high-privileged SYSDBA attacker with network access via Oracle Net to compromise Unified Audit...

4.9CVSS4.5AI score0.00411EPSS
cve
cve
added 2024/10/15 7:52 p.m.72 views

CVE-2024-21233

Oracle Database Server Core vulnerability CVE-2024-21233 affects Core in Oracle Database Server versions 19.3–19.24, 21.3–21.15, and 23.4–23.5. The flaw stems from improper authorization in the Database Core Component, enabling a low-privileged attacker with Create Session privilege and network a...

4.3CVSS3.5AI score0.00411EPSS
cve
cve
added 2024/07/16 10:39 p.m.69 views

CVE-2024-21123

The CVE-2024-21123 issue affects Oracle Database Server (Oracle Database Core). Affected versions are 19.3 through 19.23. The root cause is insufficient input validation in the Oracle Database Core component, enabling a high-privileged attacker with SYSDBA privileges to compromise the Core when l...

2.3CVSS2.6AI score0.00172EPSS
cve
cve
added 2024/10/15 7:52 p.m.65 views

CVE-2024-21251

CVE-2024-21251 — Oracle Database Server Java VM component affected versions: 19.3–19.24, 21.3–21.15, 23.4–23.5. Cause: insufficient input validation in the Java VM component. Impact: a low-privileged attacker with Create Session and Create Procedure privileges and network access via Oracle Net ca...

3.1CVSS2.7AI score0.00375EPSS
cve
cve
added 2025/07/15 7:27 p.m.55 views

CVE-2025-30751

CVE-2025-30751 affects Oracle Database Server (Oracle Database component). Affected supported versions are 19.27 and 23.4–23.8. The flaw enables a low-privileged attacker who has Create Session and Create Procedure privileges with network access via Oracle Net to compromise the database, potentia...

8.8CVSS7.5AI score0.0033EPSS
cve
cve
added 2026/04/21 8:35 p.m.34 views

CVE-2026-34312

The CVE-2026-34312 entry concerns Oracle Database Server's RDBMS component with affected versions 19.3–19.30. It describes a vulnerability that an attacker with Row Access Method privilege and network access via multiple protocols can exploit to achieve unauthorized read access to a subset of RDB...

2.4CVSS5.7AI score0.00201EPSS
cve
cve
added 2025/07/15 7:27 p.m.25 views

CVE-2025-30750

CVE-2025-30750 affects Oracle Database Server Unified Audit. Affected versions: 19.3–19.27, 21.3–21.18, 23.4–23.8. High-privileged attacker with Create User privilege and network access via Oracle Net can compromise Unified Audit; exploitation requires user interaction and may allow unauthorized ...

2.4CVSS4.8AI score0.00232EPSS
cve
cve
added 2025/07/15 7:27 p.m.24 views

CVE-2025-50066

CVE-2025-50066 affects the Oracle Database Server’s Materialized View component. Affected versions are 19.3–19.27, 21.3–21.18, and 23.4–23.8. An attacker with Execute on DBMS_REDEFINITION and network access via Oracle Net can exploit this to gain unauthorized update/insert/delete access to data i...

2.7CVSS5.2AI score0.00256EPSS
cve
cve
added 2025/10/21 8:2 p.m.15 views

CVE-2025-53047

CVE-2025-53047 affects Oracle Database Server’s Portable Clusterware. Affected versions are 19.3–19.28, 21.3–21.19, and 23.4–23.9. The issue allows an unauthenticated attacker with network access via Bonjour to read data from Portable Clusterware. The vulnerability is specifically tied to Portabl...

5.8CVSS5AI score0.00291EPSS