CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2010-4413
https://notcve.org/view.php?id=CVE-2010-4413
Unspecified vulnerability in the Scheduler Agent component in Oracle Database Server 11.1.0.7 and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. Una vulnerabilidad no especificada en el componente "Scheduler Agent" de Oracle Database Server v11.1.0.7 y v11.2.0.1 permite a usuarios remotos autenticados afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://secunia.com/advisories/42895 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45845 http://www.securitytracker.com/id?1024972 http://www.vupen.com/english/advisories/2011/0139 https://exchange.xforce.ibmcloud.com/vulnerabilities/64759 •
CVSS: 4.9EPSS: 0%CPEs: 3EXPL: 0CVE-2010-3590
https://notcve.org/view.php?id=CVE-2010-3590
Unspecified vulnerability in the Oracle Spatial component in Oracle Database Server 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to MDSYS. Vulnerabilidad no especificada en el componente Oracle Spatial para Oracle Database Server v10.2.0.4, v11.1.0.7 y v11.2.0.1 permite a usuarios autenticados remotamente afectar a la confidencialidad y la integridad, relacionado con MDSYS. • http://secunia.com/advisories/42895 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45880 http://www.securitytracker.com/id?1024972 http://www.vupen.com/english/advisories/2011/0139 https://exchange.xforce.ibmcloud.com/vulnerabilities/64758 •
CVSS: 6.8EPSS: 1%CPEs: 5EXPL: 0CVE-2010-4421
https://notcve.org/view.php?id=CVE-2010-4421
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Database Vault en Oracle Database Server v.10.2.0.3, v.10.2.0.4, v.10.2.0.5, v.11.1.0.7, y 11.2.0.1 permite a atacantes remotos comprometer la confidencialidad, integridad, y disponibilidad a través de vectores desconocidos. • http://secunia.com/advisories/42895 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45905 http://www.securitytracker.com/id?1024972 http://www.vupen.com/english/advisories/2011/0139 https://exchange.xforce.ibmcloud.com/vulnerabilities/64757 •
CVSS: 10.0EPSS: 97%CPEs: 3EXPL: 2CVE-2010-3600 – Oracle Database and Enterprise Manager Grid Control Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3600
Unspecified vulnerability in the Client System Analyzer component in Oracle Database Server 11.1.0.7 and 11.2.0.1 and Enterprise Manager Grid Control 10.2.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that this issue involves an exposed JSP script that accepts XML uploads in conjunction with NULL bytes in an unspecified parameter that allow execution of arbitrary code. Una vulnerabilidad no especificada en el componente Client System Analyzer en Database Server versiones 11.1.0.7 y 11.2.0.1 y Enterprise Manager Grid Control versión 10.2.0.5, de Oracle, permite a los atacantes remotos afectar la confidencialidad, integridad y disponibilidad por medio de vectores desconocidos. NOTA: la información anterior fue obtenida de la CPU de enero de 2011. • https://www.exploit-db.com/exploits/22714 https://github.com/LAITRUNGMINHDUC/CVE-2010-3600-PythonHackOracle11gR2 http://secunia.com/advisories/42895 http://secunia.com/advisories/42921 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45883 http://www.securitytracker.com/id?1024972 http://www.vupen.com/english/advisories/2011/0139 http://www.vupen.com/english/advisories/2011/0140 http://www.zerodayinitiative.com/advisories/ZDI-11-018&# •
CVSS: 4.9EPSS: 6%CPEs: 4EXPL: 0CVE-2010-2415 – Oracle DB SQL Injection Via SYS.DBMS_CDC_PUBLISH.CREATE_CHANGE_SET
https://notcve.org/view.php?id=CVE-2010-2415
Unspecified vulnerability in the Change Data Capture component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_CDC_PUBLISH. Vulnerabilidad no especificada en el componente Change Data Capture en Oracle Database Server v10.1.0.5, v10.2.0.4, v11.1.0.7, y v11.2.0.1 permite a usuarios remotos autenticados afectar a la confidencialidad y la integridad, relacionados con DBMS_CDC_PUBLISH. • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html http://www.us-cert.gov/cas/techalerts/TA10-287A.html •