CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 0CVE-2007-0281
https://notcve.org/view.php?id=CVE-2007-0281
17 Jan 2007 — Multiple unspecified vulnerabilities in Oracle HTTP Server 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3, 10.1.2.0.0, 10.1.2.0.1, 10.1.2.0.2, 10.1.2.1, and 10.1.3.0; and Collaboration Suite 9.0.4.2 and 10.1.2; have unknown impact and attack vectors related to the Oracle HTTP Server, aka (1) OHS03 and (2) OHS04. Múltiples vulnerabilidades no especificadas en Oracle HTTP Server 9.0.1.5, 9.2.0.8, 10.1.0.5, y 10.2.0.3; Application Server 9.0.4.3, 10.1.2.0.0, 10.1.2.0.1, 10.1.2.0.2, 10.1.2... • http://osvdb.org/32883 •
CVSS: 5.4EPSS: 0%CPEs: 8EXPL: 0CVE-2007-0275
https://notcve.org/view.php?id=CVE-2007-0275
17 Jan 2007 — Cross-site scripting (XSS) vulnerability in Oracle Reports Web Cartridge (RWCGI60) in the Workflow Cartridge component, as used in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 10.1.2; and Oracle E-Business Suite and Applications 11.5.10CU2; allows remote authenticated users to inject arbitrary HTML or web script via the genuser parameter to rwcgi60, aka OWF01. Vulnerabilidad de tipo cross-site-scripting (XSS) en Oracle Reports Web... • http://osvdb.org/32906 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 0CVE-2007-0285
https://notcve.org/view.php?id=CVE-2007-0285
17 Jan 2007 — Unspecified vulnerability in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 9.0.4.2 and 10.1.2; and E-Business Suite and Applications 11.5.10CU2 has unknown impact and attack vectors related to Oracle Reports Developer, aka REP01. Vulnerabilidad no especificada en Oracle Application Server 9.0.4.3, 10.1.2.0.2, y 10.1.2.2; Collaboration Suite 9.0.4.2 y 10.1.2; y E-Business Suite and Applications 11.5.10CU2 tienen impacto y vectores de ataque desconocidos relacionados con el ... • http://osvdb.org/32894 •
CVSS: 9.8EPSS: 2%CPEs: 3EXPL: 0CVE-2007-0286
https://notcve.org/view.php?id=CVE-2007-0286
17 Jan 2007 — Unspecified vulnerability in Oracle Application Server 10.1.2.0.2 and 10.1.3.0, and Collaboration Suite 10.1.2, has unknown impact and attack vectors related to Containers for J2EE, aka OC4J07. Vulnerabilidad no especificada en Oracle Application Server 10.1.2.0.2 y 10.1.3.0, y Collaboration Suite 10.1.2, tiene impacto y vectores de ataque desconocidos relacionados con Contenedores para J2EE, también conocido como OC4J07. • http://osvdb.org/32901 •
CVSS: 9.8EPSS: 2%CPEs: 6EXPL: 0CVE-2007-0280
https://notcve.org/view.php?id=CVE-2007-0280
17 Jan 2007 — Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.3, 10.1.2.0.0, 10.1.2.0.2, and 10.1.2.2; and Collaboration Suite 9.0.4.2 and 10.1.2; has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN01. NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that OPMN01 is for a buffer overflow in Oracle Notification Service (ONS). Vulnerabilidad no especificada en Oracle HTTP Server 9.0.1.5, Application Server ... • http://osvdb.org/32905 •
CVSS: 10.0EPSS: 1%CPEs: 46EXPL: 0CVE-2006-1884
https://notcve.org/view.php?id=CVE-2006-1884
20 Apr 2006 — Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01. • http://secunia.com/advisories/19712 •
CVSS: 9.1EPSS: 2%CPEs: 40EXPL: 0CVE-2006-0435
https://notcve.org/view.php?id=CVE-2006-0435
26 Jan 2006 — Unspecified vulnerability in Oracle PL/SQL (PLSQL), as used in Database Server DS 9.2.0.7 and 10.1.0.5, Application Server 1.0.2.2, 9.0.4.2, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, E-Business Suite and Applications 11.5.10, and Collaboration Suite 10.1.1, 10.1.2.0, 10.1.2.1, and 9.0.4.2, allows attackers to bypass the PLSQLExclusion list and access excluded packages and procedures, aka Vuln# PLSQL01. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-February/041898.html •