CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5505
https://notcve.org/view.php?id=CVE-2016-5505
25 Oct 2016 — Unspecified vulnerability in the RDBMS Programmable Interface component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors. Vulnerabilidad no especificada en el componente RDBMS Programmable Interface en Oracle Database Server 11.2.0.4 y 12.1.0.2 permite a usuarios locales afectar la confidencialidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 1%CPEs: 2EXPL: 0CVE-2016-5555
https://notcve.org/view.php?id=CVE-2016-5555
25 Oct 2016 — Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente OJVM en Oracle Database Server 11.2.0.4 y 12.1.0.2 permite a administradores remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html •
CVSS: 7.5EPSS: 40%CPEs: 45EXPL: 2CVE-2016-2183 – SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32)
https://notcve.org/view.php?id=CVE-2016-2183
01 Sep 2016 — The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. Los cifrados DES y Triple DES, como se usan en los protocolos TLS, SSH e IPSec y otros protocolos y productos, tienen ... • https://packetstorm.news/files/id/142756 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 9.0EPSS: 2%CPEs: 3EXPL: 0CVE-2016-3609
https://notcve.org/view.php?id=CVE-2016-3609
21 Jul 2016 — Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente OJVM en Oracle Database Server 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a usuarios remotos autenticados afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2016-3479
https://notcve.org/view.php?id=CVE-2016-3479
21 Jul 2016 — Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente Portable Clusterware en Oracle Database Server 11.2.0.4 y 12.1.0.2 permite a atacantes remotos afectar la disponibilidad a través de vectores no especificados. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 3.4EPSS: 0%CPEs: 3EXPL: 0CVE-2016-3484
https://notcve.org/view.php?id=CVE-2016-3484
21 Jul 2016 — Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality and integrity via unknown vectors. Vulnerabilidad no especificada en el componente Database Vault en Oracle Database Server 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a usuarios locales afectar la confidencialidad y la integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 7.2EPSS: 0%CPEs: 3EXPL: 0CVE-2016-3489
https://notcve.org/view.php?id=CVE-2016-3489
21 Jul 2016 — Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Data Pump Import en Oracle Database Server 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a usuarios locales afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2016-0690
https://notcve.org/view.php?id=CVE-2016-0690
21 Apr 2016 — Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerability than CVE-2016-0691. Vulnerabilidad no especificada en el componente RDBMS Security en Oracle Database Server 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a usuarios locales afectar a la integridad a través de vectores desconocidos, una vulnerabilidad distinta a CVE-2016-0691. • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html •
CVSS: 4.0EPSS: 0%CPEs: 3EXPL: 0CVE-2016-0691
https://notcve.org/view.php?id=CVE-2016-0691
21 Apr 2016 — Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerability than CVE-2016-0690. Vulnerabilidad no especificada en el componente RDBMS Security en Oracle Database Server 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a usuarios locales afectar a la integridad a través de vectores desconocidos, una vulnerabilidad distinta a CVE-2016-0690. • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html •
CVSS: 9.0EPSS: 1%CPEs: 3EXPL: 0CVE-2016-3454
https://notcve.org/view.php?id=CVE-2016-3454
21 Apr 2016 — Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Java VM en Oracle Database Server 11.2.0.4, 12.1.0.1 y 12.1.0.2 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html •