CVSS: 9.0EPSS: 1%CPEs: 3EXPL: 0CVE-2006-3703
https://notcve.org/view.php?id=CVE-2006-3703
Unspecified vulnerability in InterMedia for Oracle Database 9.0.1.5, 9.2.0.6, and 10.1.0.4 has unknown impact and attack vectors, aka oracle Vuln# DB07. Vulnerabilidad no especificada en InterMedia para Oracle Database 9.0.1.5, 9.2.0.6, y 10.1.0.4 tiene un impacto desconocido y vectores de ataque, también conocido como oracle Vuln# DB07. • http://secunia.com/advisories/21111 http://secunia.com/advisories/21165 http://securitytracker.com/id?1016529 http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html http://www.securityfocus.com/archive/1/440758/100/100/threaded http://www.securityfocus.com/bid/19054 http://www.us-cert.gov/cas/techalerts/TA06-200A.html http://www.vupen.com/english/advisories/2006/2863 http://www.vupen.c •
CVSS: 10.0EPSS: 5%CPEs: 2EXPL: 0CVE-2006-3700
https://notcve.org/view.php?id=CVE-2006-3700
Multiple unspecified vulnerabilities in Oracle Database 9.2.0.6 and 10.1.0.4 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB04 for Web Distributed Authoring and Versioning (DAV) and (2) DB23 for XMLDB. Múltiples vulnerabilidades no especificadas en Oracle Database 9.2.0.6 y 10.1.0.4 tienen un impacto desconocido y vectores de ataque, también conocido como racle Vuln# (1) DB04 para Web Distributed Authoring y Versioning (DAV) y (2) DB23 para XMLDB. • http://secunia.com/advisories/21111 http://secunia.com/advisories/21165 http://securitytracker.com/id?1016529 http://www.oracle.com/technetwork/topics/security/cpujul2006-101315.html http://www.red-database-security.com/advisory/oracle_cpu_july_2006.html http://www.securityfocus.com/archive/1/440758/100/100/threaded http://www.securityfocus.com/bid/19054 http://www.us-cert.gov/cas/techalerts/TA06-200A.html http://www.vupen.com/english/advisories/2006/2863 http://www.vupen.c •
CVSS: 10.0EPSS: 1%CPEs: 46EXPL: 0CVE-2006-1884
https://notcve.org/view.php?id=CVE-2006-1884
Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01. • http://secunia.com/advisories/19712 http://secunia.com/advisories/19859 http://securitytracker.com/id?1015961 http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html http://www.securityfocus.com/archive/1/432267/100/0/threaded http://www.securityfocus.com/bid/17590 http://www.vupen.com/english/advisories/2006/1397 http://www.vupen.com/english/advisories/2006/1571 https://exchange.xforce.ibmcloud.com/vulnerabilities/26058 •
CVSS: 6.5EPSS: 2%CPEs: 2EXPL: 1CVE-2006-1871
https://notcve.org/view.php?id=CVE-2006-1871
SQL injection vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.5 allows remote attackers to execute arbitrary SQL commands via the DELETE_FROM_TABLE function in the DBMS_LOGMNR_SESSION (Log Miner) package, aka Vuln# DB06. Vulnerabilidad de inyección de Oracle Database Server 9.2.0.7 y 10.1.0.5 permite a atacantes remotos ejecutar órdenes SQL de su elección mediante la función DELETE_FROM_TALBE en el paquete DBMS_LOGMNGR_SESSION (Log Miner), tcc Vuln# DB06. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/045280.html http://secunia.com/advisories/19712 http://secunia.com/advisories/19859 http://securitytracker.com/id?1015961 http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html http://www.red-database-security.com/advisory/oracle_sql_injection_dbms_logmnr_session.html http://www.securityfocus.com/archive/1/431345/30/5490/threaded http://www.securityfocus.com/archive/1/432267/100/0/threaded http://www.securit • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 1CVE-2006-1876
https://notcve.org/view.php?id=CVE-2006-1876
Unspecified vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.4 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB12. NOTE: details are unavailable from Oracle, but as of 20060421, they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the (1) GEN_RID_RANGE_BY_AREA and (2) GEN_RID_RANGE functions in the MDSYS.SDO_PRIDX package. Vulnerabilidad no especificada en Oracle Database Server 9.2.0.7 and 10.1.0.4 tiene impacto y vectores de ataque desconocidos en el componente Oracle Spatial, tcc Vuln# DB12. NOTA: no hay detalles disponibles de Oracle, pero desde 20060521, no han disputado públicamente una queja de un investigador independiente fiable que afirma que el problema es inyección de SQL en las funciones (1) GEN_RID_RANGE_BY_AREA y (2) GEN_RID_RANGE en el paquete MDSYS.SDO_PRIDX. • http://secunia.com/advisories/19712 http://secunia.com/advisories/19859 http://securitytracker.com/id?1015961 http://www.kb.cert.org/vuls/id/240249 http://www.oracle.com/technetwork/topics/security/cpuapr2006-090826.html http://www.red-database-security.com/advisory/oracle_cpu_apr_2006.html http://www.securityfocus.com/archive/1/432267/100/0/threaded http://www.securityfocus.com/bid/17590 http://www.vupen.com/english/advisories/2006/1397 http://www.vupen.com/english/advis •