CVSS: 10.0EPSS: 0%CPEs: 15EXPL: 0CVE-2005-3445
https://notcve.org/view.php?id=CVE-2005-3445
Multiple unspecified vulnerabilities in HTTP Server in Oracle Database Server 8i up to 10.1.0.4.2 and Application Server 1.0.2.2 up to 10.1.2.0 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB30 and AS03 or (2) DB31 and AS05. • http://secunia.com/advisories/17250 http://www.kb.cert.org/vuls/id/210524 http://www.kb.cert.org/vuls/id/890940 http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html http://www.securityfocus.com/bid/15134 http://www.us-cert.gov/cas/techalerts/TA05-292A.html •
CVSS: 10.0EPSS: 0%CPEs: 8EXPL: 0CVE-2005-3449
https://notcve.org/view.php?id=CVE-2005-3449
Multiple unspecified vulnerabilities in Oracle Application Server 9.0 up to 10.1.2.0 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) AS02 in Containers for J2EE, (2) AS07 in Internet Directory, (3) AS09 in Report Server, and (4) AS11 in Web Cache. • http://secunia.com/advisories/17250 http://www.kb.cert.org/vuls/id/210524 http://www.kb.cert.org/vuls/id/376756 http://www.kb.cert.org/vuls/id/512716 http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html http://www.securityfocus.com/bid/15134 http://www.us-cert.gov/cas/techalerts/TA05-292A.html •
CVSS: 4.3EPSS: 6%CPEs: 53EXPL: 2CVE-2005-3204 – Oracle 9 - XML DB Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2005-3204
Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request. • https://www.exploit-db.com/exploits/26332 http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0177.html http://marc.info/?l=bugtraq&m=112870541502542&w=2 http://secunia.com/advisories/15991 http://securityreason.com/securityalert/66 http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html http://www.osvdb.org/20054 http://www.red-database-security.com/advisory/oracle_xmldb_css.html http://www.securityfocus.com/bid/15034 https://exchange.xforce.ibmcloud.com/ •
CVSS: 7.5EPSS: 0%CPEs: 22EXPL: 1CVE-2005-1495
https://notcve.org/view.php?id=CVE-2005-1495
Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for attackers to escape detection. • http://marc.info/?l=bugtraq&m=111531683824209&w=2 http://www.kb.cert.org/vuls/id/777773 http://www.red-database-security.com/advisory/oracle-fine-grained-auditing-issue.html http://www.securityfocus.com/bid/16258 https://exchange.xforce.ibmcloud.com/vulnerabilities/20407 •
CVSS: 5.0EPSS: 1%CPEs: 13EXPL: 0CVE-2004-2244
https://notcve.org/view.php?id=CVE-2004-2244
The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and earlier, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote attackers to cause a denial of service (CPU and memory consumption) via a SOAP message containing a crafted DTD. • http://otn.oracle.com/deploy/security/pdf/2004alert65.pdf http://secunia.com/advisories/10936 http://www.osvdb.org/4011 http://www.securityfocus.com/bid/9703 https://exchange.xforce.ibmcloud.com/vulnerabilities/15270 •