Filtered by vendor Oracle
Subscribe
Total
9592 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3460 | 1 Oracle | 2 10g Enterprise Manager Database Control, Enterprise Manager Application Server Control | 2023-12-10 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Agent in Oracle Enterprise Manager 9.0.4.1 up to 10.1.0.4 has unknown impact and attack vectors, as identified by Oracle Vuln# EM01. | |||||
| CVE-2006-1885 | 1 Oracle | 1 Enterprise Manager | 2023-12-10 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in the Reporting Framework component in Oracle Enterprise Manager 9.0.1.5 and 9.2.0.7 have unknown impact and attack vectors, aka Vuln# (1) EM01 and (2) EM02. | |||||
| CVE-2006-1875 | 1 Oracle | 1 Database Server | 2023-12-10 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Database Server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB11. NOTE: Oracle has not disputed reliable researcher claims that this issue is SQL injection in MDSYS.SDO_LRS_TRIG_INS. | |||||
| CVE-2006-0263 | 1 Oracle | 1 Database Server | 2023-12-10 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, 10.1.0.5, and 10.2.0.1 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB09 in the (a) Net Listener component; and (2) DB12 and (3) DB13 in the Network Communications (RPC) component. | |||||
| CVE-2006-0259 | 1 Oracle | 1 Database Server | 2023-12-10 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle Database server 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB04 and (2) DB06 in the (a) Data Pump component; (3) DB10 in the (b) Net Listener component; and (4) DB16 in the (c) Oracle Text component. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that DB06 is SQL injection in the GENERATE_JOB_NAME, GET_WORKERSTATUSLIST1010, GET_PARAMVALUES1010, GET_DUMPFILESET1010, GET_JOBSTATUS1010, ATTACH, and ESTABLISH_REMOTE_CONTEXT functions in DBMS_DATAPUMP. | |||||
| CVE-2006-1877 | 1 Oracle | 1 Database Server | 2023-12-10 | 7.2 HIGH | N/A |
| Unspecified vulnerability in Oracle Database Server 8.1.7.4, 9.0.1.5, and 9.2.0.7 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB13. | |||||
| CVE-2005-3454 | 1 Oracle | 1 Collaboration Suite | 2023-12-10 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle Collaboration Suite 10g Release 1 version 10.1.1 and 9i Release 2 9.0.4.2 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) OCS01, (2) OCS02, (3) OCS03, and (4) OCS04 for Calendar; (5) OCS05, (6) OCS06, (7) OCS07, (8) OCS08, (9) OCS09, and (10) OCS10 for Email Server; and (11) OCS11, (12) OCS12, and (13) OCS13 for Oracle Files. | |||||
| CVE-2005-1743 | 2 Bea, Oracle | 2 Weblogic Server, Weblogic Portal | 2023-12-10 | 7.5 HIGH | N/A |
| BEA WebLogic Server and WebLogic Express 8.1 through Service Pack 3 and 7.0 through Service Pack 5 does not properly handle when a security provider throws an exception, which may cause WebLogic to use incorrect identity for the thread, or to fail to audit security exceptions. | |||||
| CVE-2006-4226 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2023-12-10 | 3.6 LOW | N/A |
| MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. | |||||
| CVE-2005-1382 | 1 Oracle | 1 Application Server Web Cache | 2023-12-10 | 5.0 MEDIUM | N/A |
| The webcacheadmin module in Oracle Webcache 9i allows remote attackers to corrupt arbitrary files via a full pathname in the cache_dump_file parameter. | |||||
| CVE-2006-3712 | 1 Oracle | 1 Application Server | 2023-12-10 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in OC4J for Oracle Application Server 9.0.4.2 and 10.1.2.0.0 has unknown impact and attack vectors, aka Oracle Vuln# AS07. | |||||
| CVE-2005-4832 | 1 Oracle | 1 Oracle10g | 2023-12-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197. | |||||
| CVE-2005-3440 | 1 Oracle | 1 Database Server | 2023-12-10 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Database Scheduler in Oracle Database Server 10g up to 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# DB08. | |||||
| CVE-2006-0283 | 1 Oracle | 3 Application Server, Collaboration Suite, Database Server | 2023-12-10 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Database Server 10.1.0.4.2, Application Server 10.1.2.0.2, and Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i) has unspecified impact and attack vectors, as identified by Oracle Vuln# DBC02 in the Reorganize Objects & Convert Tablespace component. | |||||
| CVE-2005-3205 | 1 Oracle | 1 Database Server | 2023-12-10 | 3.5 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in iSQL*Plus (iSQLPlus) in Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to inject arbitrary web script or HTML via script in the "set markup HTML TABLE" command, which is executed when the user selects a table. | |||||
| CVE-2006-1036 | 1 Oracle | 1 Diagnostics | 2023-12-10 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in the Oracle Diagnostics module 2.2 and earlier have unknown impact and attack vectors, related to "permissions." | |||||
| CVE-2006-3700 | 1 Oracle | 1 Database Server | 2023-12-10 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 9.2.0.6 and 10.1.0.4 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB04 for Web Distributed Authoring and Versioning (DAV) and (2) DB23 for XMLDB. | |||||
| CVE-2005-2983 | 1 Oracle | 1 Reports | 2023-12-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Oracle Reports that use Lexical References allows remote attackers to execute arbitrary SQL commands via the values in the parameter form that appears when the paramform parameter is set to yes. | |||||
| CVE-2005-3461 | 1 Oracle | 1 Peoplesoft Enterprise | 2023-12-10 | 10.0 HIGH | N/A |
| Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.42 up to 8.45.17 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE01. | |||||
| CVE-2006-1869 | 1 Oracle | 1 Database Server | 2023-12-10 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Database Server 8.1.7.4 and 9.0.1.5 has unknown impact and attack vectors in the Dictionary component, aka Vuln# DB04. | |||||