Lucene search

K
OracleOracle10gpersonal 10.1.0.2

7 matches found

CVE
CVE
added 2006/02/08 1:2 a.m.78 views

CVE-2006-0586

Multiple SQL injection vulnerabilities in Oracle 10g Release 1 before CPU Jan 2006 allow remote attackers to execute arbitrary SQL commands via multiple parameters in (1) ATTACH_JOB, (2) HAS_PRIVS, and (3) OPEN_JOB functions in the SYS.KUPV$FT package; and (4) UPDATE_JOB, (5) ACTIVE_JOB, (6) ATTACH...

7.5CVSS9.8AI score0.30903EPSS
CVE
CVE
added 2005/04/19 4:0 a.m.60 views

CVE-2004-1774

Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER parameter.

7.2CVSS8.9AI score0.0766EPSS
CVE
CVE
added 2005/11/16 9:22 p.m.46 views

CVE-2005-3641

Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username.

7.5CVSS7.1AI score0.00482EPSS
CVE
CVE
added 2006/04/11 10:2 a.m.44 views

CVE-2006-1705

Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view.

2.1CVSS6AI score0.01109EPSS
CVE
CVE
added 2005/05/11 4:0 a.m.43 views

CVE-2005-1495

Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection.

7.5CVSS9.2AI score0.01038EPSS
CVE
CVE
added 2005/05/11 4:0 a.m.43 views

CVE-2005-1496

The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSION_USER to the SYS user.

4.6CVSS9.1AI score0.05207EPSS
CVE
CVE
added 2007/03/03 8:0 p.m.39 views

CVE-2005-4832

SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005...

7.5CVSS7.6AI score0.52586EPSS