CVSS: 9.0EPSS: 0%CPEs: 2EXPL: 0CVE-2017-3310
https://notcve.org/view.php?id=CVE-2017-3310
27 Jan 2017 — Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise OJVM. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in OJVM, attacks may significantly impact additional products. Successful attacks of this vuln... • http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html •
CVSS: 7.5EPSS: 40%CPEs: 45EXPL: 2CVE-2016-2183 – SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)
https://notcve.org/view.php?id=CVE-2016-2183
01 Sep 2016 — The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. Los cifrados DES y Triple DES, como se usan en los protocolos TLS, SSH e IPSec y otros protocolos y productos, tienen ... • https://packetstorm.news/files/id/142756 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2016-3479
https://notcve.org/view.php?id=CVE-2016-3479
21 Jul 2016 — Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente Portable Clusterware en Oracle Database Server 11.2.0.4 y 12.1.0.2 permite a atacantes remotos afectar la disponibilidad a través de vectores no especificados. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 3.4EPSS: 0%CPEs: 3EXPL: 0CVE-2016-3484
https://notcve.org/view.php?id=CVE-2016-3484
21 Jul 2016 — Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality and integrity via unknown vectors. Vulnerabilidad no especificada en el componente Database Vault en Oracle Database Server 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a usuarios locales afectar la confidencialidad y la integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2016-3489
https://notcve.org/view.php?id=CVE-2016-3489
21 Jul 2016 — Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Data Pump Import en Oracle Database Server 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 9.0EPSS: 1%CPEs: 3EXPL: 0CVE-2016-3609
https://notcve.org/view.php?id=CVE-2016-3609
21 Jul 2016 — Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente OJVM en Oracle Database Server 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a usuarios remotos autenticados afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 5.9EPSS: 1%CPEs: 2EXPL: 0CVE-2016-0677
https://notcve.org/view.php?id=CVE-2016-0677
21 Apr 2016 — Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente RDBMS Security en Oracle Database Server 12.1.0.1 y 12.1.0.2 permite a atacantes remotos afectar a la disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2016-0690
https://notcve.org/view.php?id=CVE-2016-0690
21 Apr 2016 — Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerability than CVE-2016-0691. Vulnerabilidad no especificada en el componente RDBMS Security en Oracle Database Server 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a usuarios locales afectar a la integridad a través de vectores desconocidos, una vulnerabilidad distinta a CVE-2016-0691. • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2016-0691
https://notcve.org/view.php?id=CVE-2016-0691
21 Apr 2016 — Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerability than CVE-2016-0690. Vulnerabilidad no especificada en el componente RDBMS Security en Oracle Database Server 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a usuarios locales afectar a la integridad a través de vectores desconocidos, una vulnerabilidad distinta a CVE-2016-0690. • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html •
CVSS: 9.0EPSS: 1%CPEs: 3EXPL: 0CVE-2016-3454
https://notcve.org/view.php?id=CVE-2016-3454
21 Apr 2016 — Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Java VM en Oracle Database Server 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html •