Lucene search
K
OracleDatabase21c

23 matches found

CVE
CVE
added 2020/05/20 6:26 p.m.1517 views

CVE-2020-9484

CVE-2020-9484 is a deserialization flaw in Apache Tomcat that, under a specific FileStore PersistenceManager configuration and a crafted request, can trigger remote code execution. Affected are Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61, and 7.0.0 to 7.0.107 when the...

7CVSS7.5AI score0.56636EPSS
CVE
CVE
added 2021/03/01 12:0 p.m.968 views

CVE-2021-25329

The CVE-2021-25329 entry is tied to an incomplete fix for CVE-2020-9484 in Apache Tomcat. In affected releases (Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61, and 7.0.0 to 7.0.107) a configuration edge case that was deemed highly unlikely could leave the Tomcat instance vulnerab...

7CVSS7.3AI score0.09491EPSS
CVE
CVE
added 2021/03/01 12:0 p.m.926 views

CVE-2021-25122

CVE-2021-25122 affects Apache Tomcat across multiple lines: 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, and 8.5.0 to 8.5.61. The issue allows duplicating request headers and a limited amount of request body from one request to another, enabling cross-user visibility of results (information disclosur...

7.5CVSS6.9AI score0.18114EPSS
CVE
CVE
added 2022/07/11 7:26 p.m.173 views

CVE-2020-35169

CVE-2020-35169 is tied to Dell BSAFE Crypto-C Micro Edition (pre-4.1.5) and Dell BSAFE Micro Edition Suite (pre-4.5.2) with an Improper Input Validation vulnerability. Public sources in the connected documents confirm high-severity impact (CVSS v3.1: 9.8, network access, no authentication, high c...

9.8CVSS9.4AI score0.01037EPSS
CVE
CVE
added 2022/07/19 9:8 p.m.144 views

CVE-2022-21565

CVE-2022-21565 affects the Oracle Database Server Java VM component. Affected: 12.1.0.2, 19c, 21c. Vulnerability allows a low-privilege user with Create Procedure privilege and network access via Oracle Net to compromise the Java VM, potentially leading to unauthorized creation, deletion, or modi...

6.5CVSS6.6AI score0.00589EPSS
CVE
CVE
added 2023/04/18 7:54 p.m.127 views

CVE-2023-21934

The CVE-2023-21934 issue affects Oracle Database Server (Java VM component) in 19c and 21c. The root cause is described in connected sources as insufficient input validation in the Java VM, enabling a low-privileged user with network access via TLS to compromise the Java VM and potentially read, ...

6.8CVSS6.3AI score0.00536EPSS
CVE
CVE
added 2022/04/19 8:38 p.m.122 views

CVE-2022-21498

CVE-2022-21498 affects the Java VM component of Oracle Database Server. Affected: Oracle Database Server versions 12.1.0.2, 19c, and 21c. Root cause: a vulnerability in the Java VM that allows a low-privileged user with Create Procedure privilege and network access via multiple protocols to compr...

6.5CVSS6AI score0.00692EPSS
CVE
CVE
added 2022/04/19 8:36 p.m.121 views

CVE-2022-21411

CVE-2022-21411 : Oracle Database Server’s RDBMS Gateway / Generic ODBC Connectivity component is affected. Affected versions are 12.1.0.2, 19c, and 21c . The vulnerability allows a low-privilege attacker with Create Session privilege and network access via Oracle Net to compromise the RDBMS Gatew...

5.5CVSS4.8AI score0.00548EPSS
CVE
CVE
added 2023/01/17 11:35 p.m.116 views

CVE-2023-21829

CVE-2023-21829 affects Oracle Database Server, specifically the RDBMS Security component. Connected sources confirm affected versions are 19c and 21c. A low-privileged attacker with Create Session privilege and network access via Oracle Net can compromise RDBMS Security, with human interaction re...

6.3CVSS5.6AI score0.00445EPSS
CVE
CVE
added 2021/10/20 10:50 a.m.110 views

CVE-2021-35558

CVE-2021-35558 affects Oracle Database Server Core RDBMS. Oracle warns that versions 12.1.0.2, 12.2.0.1, 19c and 21c are affected and an attacker with Create Table privilege and network access could cause partial DOS. Connected IBM EMPTORIS bulletins show affected IBM products and remediations: E...

4.3CVSS3.5AI score0.00804EPSS
CVE
CVE
added 2022/06/01 2:25 p.m.107 views

CVE-2020-26185

Dell BSAFE Micro Edition Suite (Dell) is affected by a Buffer Over-Read Vulnerability in versions prior to 4.5.1. Public docs consistently cite a remote-exploitable issue that can crash an application and cause denial of service. The CVSS data in the sources show a high impact (availability impac...

7.5CVSS7.5AI score0.01031EPSS
CVE
CVE
added 2022/07/19 9:6 p.m.105 views

CVE-2022-21432

CVE-2022-21432 affects Oracle Database Server - Enterprise Edition RDBMS Security. Affected are 12.1.0.2, 19c and 21c; exploitation requires a high-privilege DBA and network access via Oracle Net, enabling partial denial of service. Severity in the CVSS 3.1 base is 2.7 (LOW) with AV:N/AC:L/PR:H/U...

2.7CVSS4.1AI score0.00681EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.94 views

CVE-2020-35166

CVE-2020-35166 affects Dell BSAFE Crypto-C Micro Edition (pre-4.1.5) and Dell BSAFE Micro Edition Suite (pre-4.6) with an Observable Timing Discrepancy Vulnerability. The Initial Description specifies the affected products/versions and that the vulnerability is timing-related, implying potential ...

9.8CVSS7.2AI score0.00741EPSS
CVE
CVE
added 2021/10/20 10:50 a.m.87 views

CVE-2021-35557

CVE-2021-35557 affects the Oracle Database Server Core RDBMS. Affected versions are 12.1.0.2, 12.2.0.1, 19c and 21c. The flaw allows a low-privileged attacker with Create Table privilege and network access via Oracle Net to compromise the Core RDBMS, yielding a partial denial of service (availabi...

4.3CVSS3.5AI score0.00813EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.84 views

CVE-2020-35163

Technical details about CVE-2020-35163 are not publicly available in the provided connected documents. Monitor for updates.

9.8CVSS9.3AI score0.01101EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.84 views

CVE-2020-35164

Summary (CVE-2020-35164) Dell BSAFE Crypto-C Micro Edition (versions before 4.1.5) and Dell BSAFE Micro Edition Suite (versions before 4.6) have an observable timing discrepancy vulnerability. Connected sources (PT-2022-8918) corroborate affected versions and advise upgrading to 4.1.5+ and 4.6+ r...

8.1CVSS8.8AI score0.00806EPSS
CVE
CVE
added 2021/10/20 10:50 a.m.84 views

CVE-2021-35551

CVE-2021-35551 affects Oracle Database Server in the RDBMS Security component for 12.2.0.1, 19c, and 21c. The flaw lets a high-privilege DBA with network access via Oracle Net cause a denial of service (hang/crash) and unauthorized data updates/inserts/deletes in RDBMS Security. The issue’s root ...

5.5CVSS5.4AI score0.00767EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.82 views

CVE-2020-35168

CVE-2020-35168 affects Dell BSAFE Crypto-C Micro Edition (versions before 4.1.5) and Dell BSAFE Micro Edition Suite (versions before 4.6) with an Observable Timing Discrepancy vulnerability. The initial document provides CVSS metrics indicating high impact (network attack, no user interaction) wi...

9.8CVSS9.3AI score0.00483EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.78 views

CVE-2020-29508

CVE-2020-29508 affects Dell BSAFE Crypto-C Micro Edition (versions prior to 4.1.5) and Dell BSAFE Micro Edition Suite (versions prior to 4.6). The root cause is an Improper Input Validation vulnerability. Public references (CNVD/NVD/CVE records and Nessus-related entries) confirm the affected pro...

9.8CVSS9.3AI score0.01202EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.71 views

CVE-2020-35167

Technical details for CVE-2020-35167 are not publicly available in the provided documents. Monitor for updates and additional sources.

9.8CVSS9.3AI score0.01045EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.69 views

CVE-2020-29506

Dell BSAFE Crypto-C Micro Edition (versions before 4.1.5) and Dell BSAFE Micro Edition Suite (versions before 4.5.2) contain an Observable Timing Discrepancy Vulnerability. The issue is documented with concrete vulnerable components and affected versions; upgrading to 4.1.5 and 4.5.2 respectively...

9.8CVSS9.4AI score0.01072EPSS
CVE
CVE
added 2022/07/11 7:25 p.m.63 views

CVE-2020-29507

CVE-2020-29507 affects Dell BSAFE Crypto-C Micro Edition (before 4.1.4) and Dell BSAFE Micro Edition Suite (before 4.4). The vulnerability is described as an Improper Input Validation issue. Public references in the connected documents confirm affected versions and provide remediation guidance: u...

9.8CVSS9.4AI score0.01019EPSS
CVE
CVE
added 2023/01/17 11:35 p.m.60 views

CVE-2023-21827

The CVE-2023-21827 entry describes a vulnerability in the Oracle Database Data Redaction component affecting Oracle Database Server 19c and 21c. The flaw allows a low-privileged attacker with Create Session privilege and network access via Oracle Net to read a subset of Data Redaction data. The a...

4.3CVSS3.1AI score0.00453EPSS