4 matches found
CVE-2021-2329
CVE-2021-2329 is an Oracle Database Server vulnerability affecting the XML DB component in versions 12.1.0.2, 12.2.0.1, and 19c. The vulnerability enables a high-privilege attacker with Create Any Procedure and Create Public Synonym privileges, over a network via Oracle Net, to take over the Orac...
CVE-2021-2333
CVE-2021-2333 affects Oracle Database Server’s XML DB component. Impacted: Oracle versions 12.1.0.2, 12.2.0.1, and 19c. An attacker with Alter User privilege and network access via Oracle Net can gain unauthorized access to Oracle XML DB data. CVSSv3.1 base score: 4.9 (Confidentiality only). Reme...
CVE-2025-30694
CVE-2025-30694 affects Oracle Database Server’s XML Database component. Affected versions are 19.3–19.26, 21.3–21.17, and 23.4–23.7. The vulnerability is exploitable by a low-privilege user with User Account privilege who has network access via HTTP, with exploitation requiring user interaction. ...
CVE-2024-21242
Oracle Database Server – XML Database : The XML Database component has errors in resource release that affect 19.3–19.24, 21.3–21.15, and 23.4–23.5. It is remotely exploitable via HTTP with low privileges and requires user interaction, potentially causing a partial DoS of the XML Database. Remedi...