CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0CVE-2018-2575
https://notcve.org/view.php?id=CVE-2018-2575
18 Jan 2018 — Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, and 12.2.0.1. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with network access via multiple protocols to compromise Core RDBMS. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Core RDBMS accessible da... • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html •
CVSS: 8.3EPSS: 3%CPEs: 3EXPL: 0CVE-2018-2680
https://notcve.org/view.php?id=CVE-2018-2680
18 Jan 2018 — Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java VM. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java VM, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in take... • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-3562
https://notcve.org/view.php?id=CVE-2016-3562
25 Oct 2016 — Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality via vectors related to DBA. Vulnerabilidad no especificada en los componentes RDBMS Security y SQL*Plus en Oracle Database Server 11.2.0.4 y 12.1.0.2 permite a administradores remotos afectar la confidencialidad a través de vectores relacionados con DBA. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5498
https://notcve.org/view.php?id=CVE-2016-5498
25 Oct 2016 — Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5499. Vulnerabilidad no especificada en el componente RDBMS Security en Oracle Database Server 11.2.0.4 y 12.1.0.2 permite a usuarios locales afectar la confidencialidad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2016-5499. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5499
https://notcve.org/view.php?id=CVE-2016-5499
25 Oct 2016 — Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5498. Vulnerabilidad no especificada en el componente RDBMS Security en Oracle Database Server 11.2.0.4 y 12.1.0.2 permite a usuarios locales afectar la confidencialidad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2016-5498. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5505
https://notcve.org/view.php?id=CVE-2016-5505
25 Oct 2016 — Unspecified vulnerability in the RDBMS Programmable Interface component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors. Vulnerabilidad no especificada en el componente RDBMS Programmable Interface en Oracle Database Server 11.2.0.4 y 12.1.0.2 permite a usuarios locales afectar la confidencialidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5555
https://notcve.org/view.php?id=CVE-2016-5555
25 Oct 2016 — Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente OJVM en Oracle Database Server 11.2.0.4 y 12.1.0.2 permite a administradores remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html •
CVSS: 7.5EPSS: 12%CPEs: 19EXPL: 0CVE-2016-2381 – Gentoo Linux Security Advisory 201701-75
https://notcve.org/view.php?id=CVE-2016-2381
02 Mar 2016 — Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp. Perl podría permitir a atacantes dependientes de contexto eludir los mecanismos de protección taint en un proceso hijo a través de variables de entorno duplicadas en envp. Stephane Chazelas discovered a bug in the environment handling in Perl. Perl provides a Perl-space hash variable, %ENV, in which environment variables can be looked up. If a variable appears... • http://lists.opensuse.org/opensuse-updates/2016-03/msg00112.html • CWE-20: Improper Input Validation •
CVSS: 7.7EPSS: 0%CPEs: 3EXPL: 0CVE-2016-0461
https://notcve.org/view.php?id=CVE-2016-0461
21 Jan 2016 — Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente XDB - XML Database en Oracle Database Server 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a usuarios remotos autenticados afectar a la disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2016-0467
https://notcve.org/view.php?id=CVE-2016-0467
21 Jan 2016 — Unspecified vulnerability in the Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect integrity via unknown vectors. Vulnerabilidad no especificada en el componente Security en Oracle Database Server 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a usuarios remotos autenticados afectar a la integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •