Database Server Security Vulnerabilities and Issues — Database Server CVE List

Lucene search

OracleDatabase Server

31 matches found

CVE•added 2009/10/22 6:30 p.m.•173 views

CVE-2009-1979

Unspecified vulnerability in the Network Authentication component in Oracle Database 10.1.0.5 and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2009 CPU. Oracle has not commen...

10CVSS6.5AI score0.85749EPSS

CVE•added 2009/07/14 11:30 p.m.•110 views

CVE-2009-1970

Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-0991.

5CVSS6AI score0.54138EPSS

CVE•added 2009/07/14 11:30 p.m.•105 views

CVE-2009-1019

Unspecified vulnerability in the Network Authentication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

7.5CVSS6.1AI score0.11053EPSS

CVE•added 2009/07/14 11:30 p.m.•105 views

CVE-2009-1968

Unspecified vulnerability in the Secure Enterprise Search component in Oracle Database 10.1.8.3 allows remote attackers to affect integrity via unknown vectors. NOTE: the previous information was obtained from the July 2009 CPU. Oracle has not commented on claims from an established researcher that...

4.3CVSS5AI score0.43013EPSS

CVE•added 2009/07/14 11:30 p.m.•100 views

CVE-2009-1963

Unspecified vulnerability in the Network Foundation component in Oracle Database 11.1.0.6 allows remote authenticated users to affect integrity and availability via unknown vectors.

7.5CVSS5.7AI score0.05539EPSS

CVE•added 2009/07/14 11:30 p.m.•96 views

CVE-2009-1966

Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2) Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1967.

5.5CVSS5.8AI score0.00379EPSS

CVE•added 2009/07/14 11:30 p.m.•94 views

CVE-2009-1021

Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

5.5CVSS5.4AI score0.00411EPSS

CVE•added 2009/07/14 11:30 p.m.•92 views

CVE-2009-1020

Unspecified vulnerability in the Network Foundation component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

9CVSS5.7AI score0.04106EPSS

CVE•added 2009/07/14 11:30 p.m.•90 views

CVE-2009-1969

Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality via unknown vectors.

2.1CVSS5.5AI score0.00379EPSS

CVE•added 2009/07/14 11:30 p.m.•89 views

CVE-2009-1967

5.5CVSS5.8AI score0.00379EPSS

CVE•added 2009/07/14 11:30 p.m.•87 views

CVE-2009-0987

Unspecified vulnerability in the Upgrade component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

5.5CVSS5.5AI score0.00576EPSS

CVE•added 2009/04/15 10:30 a.m.•86 views

CVE-2009-0997

Unspecified vulnerability in the Database Vault component in Oracle Database 11.1.0.6 allows remote authenticated users to affect confidentiality, related to DBMS_SYS_SQL.

4CVSS5.8AI score0.00977EPSS

CVE•added 2009/07/14 11:30 p.m.•86 views

CVE-2009-1973

Unspecified vulnerability in the Virtual Private Database component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to VPD policies.

5.5CVSS5.5AI score0.00576EPSS

CVE•added 2009/04/15 10:30 a.m.•84 views

CVE-2009-0972

Unspecified vulnerability in the Workspace Manager component in Oracle Database 11.1.0.6, 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

6.5CVSS5.7AI score0.00575EPSS

CVE•added 2009/10/22 6:30 p.m.•82 views

CVE-2009-1972

Unspecified vulnerability in the Auditing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to DBMS_SYS_SQL and DBMS_SQL.

2.1CVSS5.6AI score0.0044EPSS

CVE•added 2009/07/14 11:30 p.m.•81 views

CVE-2009-1015

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.05, and 10.2.04 allows remote authenticated users to affect integrity via unknown vectors.

4CVSS5.7AI score0.00379EPSS

CVE•added 2009/02/05 2:30 a.m.•61 views

CVE-2008-6065

Oracle Database Server 10.1, 10.2, and 11g grants directory WRITE permissions for arbitrary pathnames that are aliased in a CREATE OR REPLACE DIRECTORY statement, which allows remote authenticated users with CREATE ANY DIRECTORY privileges to gain SYSDBA privileges by aliasing the pathname of the p...

5.1CVSS6.9AI score0.04969EPSS

CVE•added 2009/10/22 6:30 p.m.•59 views

CVE-2009-1985

Unspecified vulnerability in the Network Authentication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10CVSS6AI score0.03196EPSS

CVE•added 2009/10/22 6:30 p.m.•56 views

CVE-2009-1018

Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to SYS.LTRIC (WMSYS.LTRIC).

5.5CVSS5.4AI score0.00977EPSS

CVE•added 2009/10/22 6:30 p.m.•50 views

CVE-2009-1991

Unspecified vulnerability in the Oracle Text component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to CTXSYS.DRVXTABC. NOTE: the previous information was obtained from the October 2009 CPU. Oracle h...

3.6CVSS6.5AI score0.00688EPSS

CVE•added 2009/10/22 6:30 p.m.•50 views

CVE-2009-1993

Unspecified vulnerability in the Application Express component in Oracle Database 3.0.1 allows remote authenticated users to affect confidentiality and integrity, related to FLOWS_030000.WWV_EXECUTE_IMMEDIATE.

5.5CVSS5.4AI score0.0052EPSS

CVE•added 2009/10/22 6:30 p.m.•48 views

CVE-2009-1992

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10CVSS6AI score0.02412EPSS

CVE•added 2009/10/22 6:30 p.m.•47 views

CVE-2009-1971

Unspecified vulnerability in the Data Pump component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.7 allows remote authenticated users to affect integrity via unknown vectors.

3.5CVSS5.5AI score0.0052EPSS

CVE•added 2009/10/22 6:30 p.m.•47 views

CVE-2009-1994

Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability, related to MDSYS.PRVT_CMT_CBK.

6.5CVSS5.5AI score0.007EPSS

CVE•added 2009/10/22 6:30 p.m.•45 views

CVE-2009-1964

Unspecified vulnerability in the Workspace Manager component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

5.5CVSS5.3AI score0.00977EPSS

CVE•added 2009/10/22 6:30 p.m.•42 views

CVE-2009-1995

Unspecified vulnerability in the Advanced Queuing component in Oracle Database 10.2.0.4 and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to SYS.DBMS_AQ_INV.

4.9CVSS5.4AI score0.00977EPSS

CVE•added 2009/10/22 6:30 p.m.•42 views

CVE-2009-2000

Unspecified vulnerability in the Authentication component in Oracle Database 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors.

5CVSS5.9AI score0.00944EPSS

CVE•added 2009/10/22 6:30 p.m.•39 views

CVE-2009-1965

Unspecified vulnerability in the Net Foundation Layer component in Oracle Database 9.2.0.8 and 10.1.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

5.4CVSS6AI score0.00918EPSS

CVE•added 2009/10/22 6:30 p.m.•39 views

CVE-2009-1997

Unspecified vulnerability in the Authentication component in Oracle Database 10.2.0.3 and 11.1.0.7 allows remote attackers to affect confidentiality via unknown vectors.

5CVSS5.9AI score0.00944EPSS

CVE•added 2009/10/22 6:30 p.m.•39 views

CVE-2009-2001

Unspecified vulnerability in the PL/SQL component in Oracle Database 10.2.0.4 and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

6.5CVSS5.5AI score0.007EPSS

CVE•added 2009/10/22 6:30 p.m.•37 views

CVE-2009-1007

Unspecified vulnerability in the Data Mining component in Oracle Database 10.2.0.4 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DMP_SYS.

6.5CVSS5.6AI score0.007EPSS