Page 113 of 714 results (0.006 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0

CVE-2007-5512

https://notcve.org/view.php?id=CVE-2007-5512

Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV and 10.2.0.3 has unknown impact and remote attack vectors, aka DB21. Vulnerabilidad no especificada en en el componente Oracle Database Vault de Oracle Database 9.2.0.8DV y 10.2.0.3 tiene impacto y vectores de ataque remotos desconocidos, también conocida como DB21. • http://marc.info/?l=bugtraq&m=119332677525918&w=2 http://secunia.com/advisories/27251 http://secunia.com/advisories/27409 http://www.oracle.com/technetwork/topics/security/cpuoct2007-092913.html http://www.securitytracker.com/id?1018823 http://www.us-cert.gov/cas/techalerts/TA07-290A.html http://www.vupen.com/english/advisories/2007/3524 http://www.vupen.com/english/advisories/2007/3626 •

CVSS: 4.3EPSS: 1%CPEs: 3EXPL: 2

CVE-2007-4822

https://notcve.org/view.php?id=CVE-2007-4822

Cross-site request forgery (CSRF) vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as demonstrated by accessing (1) ap.html and (2) filter_ip.html. Vulnerabilidad de falsificación de petición en sitios cruzados (CSRF) en el interfaz de administración de Buffalo AirStation WHR-G54S 1.20 permite a atacantes remotos realizar cambios de configuración como administradores mediante peticiones HTTP a determinadas páginas HTML en el parámetro res con un parámetro inp en la petición a cgi-bin/cgi, como se ha demostrado accediendo a (1)ap.html y (2) filter_ip.html. • http://osvdb.org/37665 http://secunia.com/advisories/26712 http://securityreason.com/securityalert/3117 http://www.louhi.fi/advisory/buffalo_070907.txt http://www.securityfocus.com/archive/1/478795/100/0/threaded http://www.securityfocus.com/archive/1/478801/100/0/threaded http://www.securityfocus.com/bid/25588 https://exchange.xforce.ibmcloud.com/vulnerabilities/36492 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.5EPSS: 3%CPEs: 6EXPL: 0

CVE-2007-3856

https://notcve.org/view.php?id=CVE-2007-3856

Unspecified vulnerability in the Oracle Data Mining component for Oracle Database 10g Release 2 10.2.0.2 and 10.2.0.3, 10g 10.1.0.5, and Oracle9i Database Release 2 9.2.0.7, 9.2.0.8, and 9.2.0.8DV has unknown impact and remote authenticated attack vectors related to DMSYS.DMP_SYS, aka DB04. Vulnerabilidad no especificada en el componente Oracle Data Mining para Oracle Database 10g Release 2 10.2.0.2 y 10.2.0.3, 10g 10.1.0.5, y Oracle9i Database Release 2 9.2.0.7, 9.2.0.8, y 9.2.0.8DV tiene un impacto desconocido y vectores autenticados de ataque remoto relacionado con DMSYS.DMP_SYS, también conocido como DB04. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143 http://secunia.com/advisories/26114 http://secunia.com/advisories/26166 http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html http://www.securitytracker.com/id?1018415 http://www.us-cert.gov/cas/techalerts/TA07-200A •

CVSS: 7.5EPSS: 20%CPEs: 1EXPL: 0

CVE-2007-3858

https://notcve.org/view.php?id=CVE-2007-3858

Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 allow remote authenticated users to have an unknown impact via (1) EXFSYS.DBMS_RLMGR_UTL in Rules Manager (DB11) and (2) Program Interface (DB13). Múltiples vulnerabilidades no especificadas en Oracle Database versión 10.2.0.3, permiten a usuarios autenticados remotoss tener un impacto desconocido por medio de (1) EXFSYS.DBMS_RLMGR_UTL en Rules Manager (DB11) y (2) Program Interface (DB13). • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143 http://secunia.com/advisories/26114 http://secunia.com/advisories/26166 http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html http://www.securitytracker.com/id?1018415 http://www.us-cert.gov/cas/techalerts/TA07-200A •

CVSS: 6.5EPSS: 4%CPEs: 2EXPL: 0

CVE-2007-3853

https://notcve.org/view.php?id=CVE-2007-3853

Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 allow remote authenticated users to have unknown impact via (1) DBMS_JAVA_TEST in the JavaVM component (DB01), (2) Oracle Text component (DB09), and (3) MDSYS.SDO_GEOR_INT in the Spatial component (DB15). NOTE: a reliable researcher claims that DB01 is SQL injection in DBMS_PRVTAQIS. Multiples vulnerabilidades no especificadas en Oracle Database 10.1.0.5 y 10.2.0.3 permiten a atacantes remotos autenticados tener un impacto desconocido mediante (1) DBMS_JAVA_TEST en el componente JavaVM component (DB01), (2) Oracle Text component (DB09), y (3) MDSYS.SDO_GEOR_INT en el componente Spatial (DB15). NOTA: Un investigador fiable indica que DB01 es inyección de SQL en DBMS_PRVTAQIS. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?lang=en&cc=us&objectID=c00727143 http://secunia.com/advisories/26114 http://secunia.com/advisories/26166 http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_July_2007_Analysis.pdf http://www.oracle.com/technetwork/topics/security/cpujul2007-087014.html http://www.red-database-security.com/advisory/oracle_cpu_jul_2007.html http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_prvtaqis.html http://w •