CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 0CVE-2015-2595
https://notcve.org/view.php?id=CVE-2015-2595
16 Jul 2015 — Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Oracle OLAP en Oracle Database Server en las versiones 12.1.0.1 y 12.1.0.2, permite a usuarios remotos autenticados afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html •
CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0CVE-2015-0483
https://notcve.org/view.php?id=CVE-2015-0483
16 Apr 2015 — Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect integrity via unknown vectors. Vulnerabilidad no especificada en el componente Core RDBMS en Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, y 12.1.0.2 permite a usuarios remotos autenticados afectar la integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2015-0455
https://notcve.org/view.php?id=CVE-2015-0455
16 Apr 2015 — Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors. Vulnerabilidad no especificada en el componente XDB - XML Database en Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, y 12.1.0.2 permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html •
CVSS: 9.9EPSS: 0%CPEs: 5EXPL: 0CVE-2015-0457
https://notcve.org/view.php?id=CVE-2015-0457
16 Apr 2015 — Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2629. Vulnerabilidad no especificada en el componente Java VM en Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a usuarios remotos autenticados afectar la confidencialidad, integridad y disponibilid... • http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html •
CVSS: 9.9EPSS: 0%CPEs: 5EXPL: 0CVE-2015-0373
https://notcve.org/view.php?id=CVE-2015-0373
21 Jan 2015 — Unspecified vulnerability in the OJVM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente OJVM en Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, y 12.1.0.2 permite a usuarios remotos autenticados afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2014-6541
https://notcve.org/view.php?id=CVE-2014-6541
21 Jan 2015 — Unspecified vulnerability in the Recovery component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2, when running on Windows, allows remote authenticated users to affect confidentiality via vectors related to DBMS_IR. Vulnerabilidad no especificada en el componente Recovery en Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1 y 12.1.0.2, cuando se ejecuta en Windows, permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores relacionad... • http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html •
CVSS: 9.0EPSS: 7%CPEs: 5EXPL: 0CVE-2014-6567
https://notcve.org/view.php?id=CVE-2014-6567
21 Jan 2015 — Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the researcher's claim that this is a stack-based buffer overflow in DBMS_AW.EXECUTE, which allows code execution via a long Current Directory Alias (CDA) command. Vulnerabilidad n... • http://www.databaseforensics.com/Oracle_Jan2015_CPU.pdf •
CVSS: 9.6EPSS: 8%CPEs: 4EXPL: 2CVE-2014-6577
https://notcve.org/view.php?id=CVE-2014-6577
21 Jan 2015 — Unspecified vulnerability in the XML Developer's Kit for C component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the original researcher's claim that this is an XML external entity (XXE) vulnerability in the XML parser, which allows attackers to conduct internal port scanning, perform SSRF attacks, or cause a denial... • https://github.com/SecurityArtWork/oracle-xxe-sqli •
CVSS: 6.8EPSS: 0%CPEs: 5EXPL: 0CVE-2014-6477
https://notcve.org/view.php?id=CVE-2014-6477
23 Nov 2014 — Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2014-4290, CVE-2014-4291, CVE-2014-4292, CVE-2014-4293, CVE-2014-4296, CVE-2014-4297, CVE-2014-4310, and CVE-2014-6547. NOTE: this issue was originally mapped to CVE-2014-4301, but CVE-2014-4301 is for an unrelated vulnerability. Vulnerabilidad no especificada en... • http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.9EPSS: 0%CPEs: 5EXPL: 0CVE-2014-6560
https://notcve.org/view.php?id=CVE-2014-6560
15 Oct 2014 — Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2014-6453, CVE-2014-6467, and CVE-2014-6545. Vulnerabilidad sin especificar en el componente Java VM para Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, y 12.1.0.2 permite a usuarios remotos autenticados afectar la confid... • http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html •