CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2012-1708
https://notcve.org/view.php?id=CVE-2012-1708
03 May 2012 — Unspecified vulnerability in the Application Express component in Oracle Database Server 4.0 and 4.1 allows remote attackers to affect integrity via unknown vectors. Vulnerabilidad no especificada en el componente Application Express en Oracle Database Server v4.0 y v4.1 permite a atacantes remotos afectar la a integridad a través de vectores desconocidos. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 •
CVSS: 9.9EPSS: 0%CPEs: 2EXPL: 0CVE-2011-3525
https://notcve.org/view.php?id=CVE-2011-3525
18 Oct 2011 — Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2 and 4.0 allows remote authenticated users to affect confidentiality, integrity, and availability, related to APEX developer user. Vulnerabilidad no especificada en el componente Application Express en Oracle Database Server v3.2 y v4.0 permite a usuarios autenticados de forma remota afectar a la confidencialidad, integridad y disponibilidad, relacionado con un usuario desarrollador APEX. • http://osvdb.org/76516 •
CVSS: 8.6EPSS: 0%CPEs: 1EXPL: 0CVE-2010-0892
https://notcve.org/view.php?id=CVE-2010-0892
13 Jul 2010 — Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2.0.00.27 allows remote attackers to affect integrity via unknown vectors. Vulnerabilidad sin especificar en el componente Application Express en Oracle Database Server v3.2.0.00.27 permite a atacantes remotos comprometer la integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html •
CVSS: 9.6EPSS: 0%CPEs: 1EXPL: 0CVE-2009-1993
https://notcve.org/view.php?id=CVE-2009-1993
22 Oct 2009 — Unspecified vulnerability in the Application Express component in Oracle Database 3.0.1 allows remote authenticated users to affect confidentiality and integrity, related to FLOWS_030000.WWV_EXECUTE_IMMEDIATE. Vulnerabilidad sin especificar en el componente Application Express en Oracle Database v3.0.1, permite a usuarios autenticados remotamente comprometer la confidencialidad e integridad. Relacionado con el FLOWS_030000.WWV_EXECUTE_IMMEDIATE. • http://secunia.com/advisories/37027 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2007-3337
https://notcve.org/view.php?id=CVE-2007-3337
22 Jun 2007 — wakeup in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allows local users to truncate arbitrary files via a symlink attack on the alarmwkp.def file. El inicio (wakeup) en la base de datos Ingres server 2006 9.0.4, r3, 2.6 y 2.5, tal y como se usa en los productos CA (Computer Associates), permite a usuarios locales truncar ficheros de su elección mediante un ataque symlink (de enlaces simbólicos) en el fichero alarmwkp.def. • http://osvdb.org/37485 •
CVSS: 10.0EPSS: 82%CPEs: 4EXPL: 1CVE-2007-3336 – CA Advantage Ingres 2.6 - Multiple Buffer Overflow Vulnerabilities (PoC)
https://notcve.org/view.php?id=CVE-2007-3336
22 Jun 2007 — Multiple "pointer overwrite" vulnerabilities in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (formerly Computer Associates) products, allow remote attackers to execute arbitrary code by sending certain TCP data at different times to the Ingres Communications Server Process (iigcc), which calls the (1) QUinsert or (2) QUremove functions with attacker-controlled input. Múltiples vulnerabilidades "pointer overwrite" en Ingres database server 2006 versiones 9.0.4, r3, 2.6 y 2.5, t... • https://www.exploit-db.com/exploits/14646 •
CVSS: 10.0EPSS: 40%CPEs: 4EXPL: 0CVE-2007-3338
https://notcve.org/view.php?id=CVE-2007-3338
22 Jun 2007 — Multiple stack-based buffer overflows in Ingres database server 2006 9.0.4, r3, 2.6, and 2.5, as used in multiple CA (Computer Associates) products, allow remote attackers to execute arbitrary code via the (1) uuid_from_char or (2) duve_get_args functions. Múltiples desbordamientos de búfer en la región stack de la memoria en Ingres database server 2006 versiones 9.0.4, r3, 2.6 y 2.5, tal como se usa en varios productos de CA (Computer Associates), permiten a los atacantes remotos ejecutar código arbitrario... • http://osvdb.org/37483 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 83%CPEs: 3EXPL: 1CVE-2007-3334 – Ingress Database Server 2.6 - Multiple Remote Vulnerabilities
https://notcve.org/view.php?id=CVE-2007-3334
21 Jun 2007 — Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors. Múltiples desbordamientos de búfer basados en montículo en los componentes (1) Communications Server (iigcc.exe) y (2) Data Access Server (iigcd.exe) para el Ingres Database Se... • https://www.exploit-db.com/exploits/30224 •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2005-3438
https://notcve.org/view.php?id=CVE-2005-3438
02 Nov 2005 — Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB04 in Change Data Capture; (2) DB06 in Data Guard Logical Standby; (3) DB10 in Locale; (4) DB12 in Materialized Views; (5) DB13 in Objects Extension; (6) DB15 in Oracle Label Security; (7) DB27 in Security, possibly due to a buffer overflow in sys.pbsde.init; and (8) DB28 and (9) DB29 in Workspace Manager. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038061.html •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 1CVE-2001-0833 – Oracle OTRCREP Oracle 8/9 - Home Environment Variable Buffer Overflow
https://notcve.org/view.php?id=CVE-2001-0833
06 Dec 2001 — Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability." • https://www.exploit-db.com/exploits/21045 •