CVSS: 9.0EPSS: 2%CPEs: 7EXPL: 0CVE-2007-2130
https://notcve.org/view.php?id=CVE-2007-2130
18 Apr 2007 — Unspecified vulnerability in Workflow Cartridge, as used in Oracle Database Server 9.2.0.1, 10.1.0.2, and 10.2.0.1; Application Server 9.0.4.3 and 10.1.2.0.2; Collaboration Suite 10.1.2; and E-Business Suite; has unknown impact and remote authenticated attack vectors, aka OWF01. Vulnerabilidad no especificada en Workflow Cartridge, tal y como se usa en Oracle Database Server 9.2.0.1, 10.1.0.2, y 10.2.0.1; Application Server 9.0.4.3 y 10.1.2.0.2; Collaboration Suite 10.1.2; y E-Business Suite; tienen un impa... • http://www.integrigy.com/security-resources/analysis/Integrigy_Oracle_CPU_April_2007_Analysis.pdf •
CVSS: 8.8EPSS: 29%CPEs: 4EXPL: 0CVE-2007-0272
https://notcve.org/view.php?id=CVE-2007-0272
17 Jan 2007 — Multiple buffer overflows in MDSYS.MD in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via unspecified vectors involving certain public procedures, aka DB05. Múltiples desbordamientos de búfer en MDSYS.MD en Oracle Database versiones 8.1.7.4, 9.0.1.5, 9.2.0.7 y 10.1.0.4 permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo) o ejecutar código arbitrario por medio de vect... • http://osvdb.org/32911 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2007-0278
https://notcve.org/view.php?id=CVE-2007-0278
17 Jan 2007 — Multiple unspecified vulnerabilities in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) NLS Runtime and lmsgen (DB12), and (2) Oracle Text and ctxkbtc (DB14). Múltiples vulnerabilidades no especificadas en Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, y 10.1.0.5 tienen impacto y vectores de ataque desconocidos relacionados con (1) NLS Runtime y lmsgen (DB12), y (2) Oracle Text y ctxkbtc (DB14). • http://osvdb.org/32918 •
CVSS: 9.8EPSS: 4%CPEs: 3EXPL: 1CVE-2007-0268
https://notcve.org/view.php?id=CVE-2007-0268
17 Jan 2007 — Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) the Advanced Queuing component and sys.dbms_aqsys.dbms_aq privileges (DB01), (2) Advanced Replication and sys.dbms_repcat_untrusted (DB07), and (3) Oracle Text and ctxload (DB15). NOTE: Oracle has not publicly claims by reliable researchers that DB01 is for SQL injection in the SYS.DBMS_AQ_INV package, and DB07 is for a buffer overflow in the UNREGISTER_SNAPSHOT proced... • http://osvdb.org/32907 •
CVSS: 8.8EPSS: 15%CPEs: 2EXPL: 0CVE-2007-0270
https://notcve.org/view.php?id=CVE-2007-0270
17 Jan 2007 — Buffer overflow in SYS.DBMS_DRS in Oracle Database 9.2.0.7 and 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via the GET_PROPERTY function in SYS.DBMS_DRS, aka DB03. Un desbordamiento de búfer en SYS.DBMS_DRS en Oracle Database versiones 9.2.0.7 y 10.1.0.4, permite a los usuarios autenticados remotos causar una denegación de servicio (bloqueo) o ejecutar código arbitrario por medio de la función GET_PROPERTY en SYS.DBMS_DRS, también se conoce como ... • http://osvdb.org/32909 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 8%CPEs: 2EXPL: 0CVE-2007-0271
https://notcve.org/view.php?id=CVE-2007-0271
17 Jan 2007 — Unspecified vulnerability in Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors related to the Log Miner component and sys.dbms_log_mnr privileges, aka DB04. NOTE: Oracle has not disputed a reliable researcher claim that this is a buffer overflow in the ADD_LOGFILE procedure for the SYS.DBMS_LOGMNR package that allows code execution. Vulnerabilidad no especificada en Oracle Database 9.0.1.5 y 9.2.0.7 tiene un impacto desconocido y vectores de ataque relacionados con el componente Log ... • http://osvdb.org/32910 •
CVSS: 6.1EPSS: 0%CPEs: 4EXPL: 0CVE-2007-0273
https://notcve.org/view.php?id=CVE-2007-0273
17 Jan 2007 — Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and attack vectors related to XMLDB, aka DB06. NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that DB06 is for multiple cross-site scripting (XSS) vulnerabilities. Vulnerabilidad no especificada en Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, y 10.2.0.3 tienen un impacto desconocido y vectores de ataque relacionados con XMLDB, también conocido como DBO6. NOTA: desde el 23/01... • http://osvdb.org/32912 •
CVSS: 9.8EPSS: 12%CPEs: 2EXPL: 1CVE-2007-0274
https://notcve.org/view.php?id=CVE-2007-0274
17 Jan 2007 — Multiple unspecified vulnerabilities in Oracle Database 9.2.0.7 and 10.1.0.5 have unknown impact and attack vectors related to (1) Export and sys.dbms_logrep_util (DB08), and (2) Oracle Streams and sys.dbms_capture_adm_internal privileges (DB09). NOTE: Oracle has not disputed reliable researcher claims that DB08 is for a buffer overflow in the GET_OBJECT_NAME procedure in the DBMS_LOGREP_UTIL package, and DB09 is for buffer overflows in the CREATE_CAPTURE, ALTER_CAPTURE, and ABORT_TABLE_INSTANTIATION proced... • http://osvdb.org/32914 •
CVSS: 9.8EPSS: 5%CPEs: 2EXPL: 0CVE-2006-5332
https://notcve.org/view.php?id=CVE-2006-5332
18 Oct 2006 — Unspecified vulnerability in xdb.dbms_xdbz in the XMLDB component for Oracle Database 9.2.0.6 and 10.1.0.4 has unknown impact and remote authenticated attack vectors, aka Vuln# DB01. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB01 is for PL/SQL injection in the ENABLE_HIERARCHY_INTERNAL procedure. Vulnerabilidad no especificada en xdb.dbms_xdbz en el componente XMLDB para Oracle Database 9.2.0.6 y 10.1.0.4 tiene impacto y vectores de ataque remotos autenticados de... • http://secunia.com/advisories/22396 •
CVSS: 9.8EPSS: 8%CPEs: 3EXPL: 0CVE-2006-5334
https://notcve.org/view.php?id=CVE-2006-5334
18 Oct 2006 — Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and remote authenticated attack vectors related to mdsys.md2, aka Vuln# DB03. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB03 is related to one or more of (1) a buffer overflow in the (a) RELATE function or (2) SQL injection in the (b) TESSELATE_FIXED and (c) TESSELATE function. Vulnerabilidad no especificada en el componente Oracle Spatial en... • http://secunia.com/advisories/22396 •