CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0CVE-2012-5062
https://notcve.org/view.php?id=CVE-2012-5062
17 Jan 2013 — Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect integrity via unknown vectors related to User Interface Framework. Vulnerabilidad sin especificar en el componente Enterprise Manager Base Platform en Oracle Enterprise Manager Grid Control EM Base Platform v10.2.0.5 y EM DB Control v10.2.0.3, v10.2.0.4... • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •
CVSS: 9.9EPSS: 0%CPEs: 6EXPL: 0CVE-2012-3220
https://notcve.org/view.php?id=CVE-2012-3220
17 Jan 2013 — Unspecified vulnerability in the Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users with Create Session privileges to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Spatial en Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2 y 11.2.0.3 permite a usuarios autenticados remotos con privilegios Create Session afectar a la confi... • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2013-0358
https://notcve.org/view.php?id=CVE-2013-0358
17 Jan 2013 — Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Resource Manager. Vulnerabilidad no especificada en el componente Enterprise Manager Plataforma Base en Oracle Enterprise Grid Manager plataforma de control E... • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •
CVSS: 8.1EPSS: 0%CPEs: 10EXPL: 0CVE-2013-0373
https://notcve.org/view.php?id=CVE-2013-0373
17 Jan 2013 — Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Distributed/Cross DB Features. Una vulnerabilidad no especificada en el componente Enterprise Manager Base Platform en Oracle Enterprise Manager Grid Control... • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •
CVSS: 8.1EPSS: 0%CPEs: 10EXPL: 0CVE-2013-0374
https://notcve.org/view.php?id=CVE-2013-0374
17 Jan 2013 — Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1, and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Database Cloning. Una vulnerabilidad no especificada en el componente Enterprise Manager Base Platform en Oracle Enterprise Manager Grid Control EM Base Plat... • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •
CVSS: 7.5EPSS: 0%CPEs: 10EXPL: 0CVE-2013-0352 – HP Security Bulletin HPSBST02955
https://notcve.org/view.php?id=CVE-2013-0352
17 Jan 2013 — Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Content Management. Vulnerabilidad no especificada en el componente Enterprise Manager Plataforma Base en Oracle Enterprise Grid Manager plataforma de control... • http://marc.info/?l=bugtraq&m=139344343412337&w=2 •
CVSS: 9.1EPSS: 0%CPEs: 10EXPL: 0CVE-2012-3219 – HP Security Bulletin HPSBST02955
https://notcve.org/view.php?id=CVE-2012-3219
17 Jan 2013 — Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.1 and 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Storage Management. Vulnerabilidad no especificada en el componente Enterprise Manager Base Platform en Oracle Enterprise Grid Manager Control EM v10.2.0.5 y ... • http://marc.info/?l=bugtraq&m=139344343412337&w=2 •
CVSS: 7.7EPSS: 0%CPEs: 6EXPL: 0CVE-2012-3146
https://notcve.org/view.php?id=CVE-2012-3146
16 Oct 2012 — Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors. Vulnerabilidad no especificada en el componente Core RDBMS en Oracle Database Server v10.2.0.3, v10.2.0.4, v10.2.0.5, v11.1.0.7, v11.2.0.2 y v11.2.0.3 permite a usuarios autenticados remotos afectar la integridad mediante vectores desconocidos • http://osvdb.org/86387 •
CVSS: 7.5EPSS: 1%CPEs: 9EXPL: 4CVE-2012-3137 – Oracle Database - Protocol Authentication Bypass
https://notcve.org/view.php?id=CVE-2012-3137
21 Sep 2012 — The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force password guessing attacks, aka "stealth password cracking vulnerability." El protocolo de autenticación en Oracle Database 11g 1 y 2 permite a atacantes remotos obtener la clave y la "salt" de sesión para usuarios de su... • https://www.exploit-db.com/exploits/22069 • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0CVE-2012-3132
https://notcve.org/view.php?id=CVE-2012-3132
10 Aug 2012 — SQL injection vulnerability in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to execute arbitrary SQL commands via vectors involving CREATE INDEX with a CTXSYS.CONTEXT INDEXTYPE and DBMS_STATS.GATHER_TABLE_STATS. Vulnerabilidad de inyección SQL en Oracle Database Server v10.2.0.3, v10.2.0.4, v10.2.0.5, v11.1.0.7, v11.2.0.2, y v11.2.0.3, permite a atacantes remotos ejecutar comandos SQL de su elección mediante vectores que comprenden C... • http://www.darkreading.com/database-security/167901020/security/news/240004776/hacking-oracle-database-indexes.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •