CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21829
https://notcve.org/view.php?id=CVE-2023-21829
17 Jan 2023 — Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle Database RDBMS Security. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification acces... • https://www.oracle.com/security-alerts/cpujan2023.html •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21827
https://notcve.org/view.php?id=CVE-2023-21827
17 Jan 2023 — Vulnerability in the Oracle Database Data Redaction component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle Database Data Redaction. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Database Data Redaction accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts)... • https://www.oracle.com/security-alerts/cpujan2023.html •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21596
https://notcve.org/view.php?id=CVE-2022-21596
18 Oct 2022 — Vulnerability in the Oracle Database - Advanced Queuing component of Oracle Database Server. The supported version that is affected is 19c. Easily exploitable vulnerability allows high privileged attacker having DBA user privilege with network access via Oracle Net to compromise Oracle Database - Advanced Queuing. Successful attacks of this vulnerability can result in takeover of Oracle Database - Advanced Queuing. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). • https://www.oracle.com/security-alerts/cpuoct2022.html •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-21603
https://notcve.org/view.php?id=CVE-2022-21603
18 Oct 2022 — Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Database - Sharding. Successful attacks of this vulnerability can result in takeover of Oracle Database - Sharding. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). • https://www.oracle.com/security-alerts/cpuoct2022.html •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21606
https://notcve.org/view.php?id=CVE-2022-21606
18 Oct 2022 — Vulnerability in the Oracle Services for Microsoft Transaction Server component of Oracle Database Server. The supported version that is affected is 19c. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Services for Microsoft Transaction Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Services for Microsoft Transaction Server, attacks may significantly impact ... • https://www.oracle.com/security-alerts/cpuoct2022.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-21565
https://notcve.org/view.php?id=CVE-2022-21565
19 Jul 2022 — Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data. CVSS 3.1 Base Score 6.5 (Integrity impacts). • https://www.oracle.com/security-alerts/cpujul2022.html •
CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21511
https://notcve.org/view.php?id=CVE-2022-21511
19 Jul 2022 — Vulnerability in the Oracle Database - Enterprise Edition Recovery component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows high privileged attacker having EXECUTE ON DBMS_IR.EXECUTESQLSCRIPT privilege with network access via Oracle Net to compromise Oracle Database - Enterprise Edition Recovery. Successful attacks of this vulnerability can result in takeover of Oracle Database - Enterprise Edition Recovery. Note: None of the supported v... • https://www.oracle.com/security-alerts/cpujul2022.html •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-21510
https://notcve.org/view.php?id=CVE-2022-21510
19 Jul 2022 — Vulnerability in the Oracle Database - Enterprise Edition Sharding component of Oracle Database Server. For supported versions that are affected see note. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Oracle Database - Enterprise Edition Sharding executes to compromise Oracle Database - Enterprise Edition Sharding. While the vulnerability is in Oracle Database - Enterprise Edition Sharding, attacks may significantly impact... • https://www.oracle.com/security-alerts/cpujul2022.html •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-21432
https://notcve.org/view.php?id=CVE-2022-21432
19 Jul 2022 — Vulnerability in the Oracle Database - Enterprise Edition RDBMS Security component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having DBA role privilege with network access via Oracle Net to compromise Oracle Database - Enterprise Edition RDBMS Security. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Database... • https://www.oracle.com/security-alerts/cpujul2022.html •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2020-35169
https://notcve.org/view.php?id=CVE-2020-35169
11 Jul 2022 — Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Improper Input Validation Vulnerability. Dell BSAFE Crypto-C Micro Edition, versiones anteriores a 4.1.5, y Dell BSAFE Micro Edition Suite, versiones anteriores a 4.5.2, contienen una vulnerabilidad de Comprobación de Entrada Inapropiada • https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities • CWE-20: Improper Input Validation CWE-347: Improper Verification of Cryptographic Signature •