CVSS: 2.1EPSS: 0%CPEs: 2EXPL: 0CVE-2018-2575
https://notcve.org/view.php?id=CVE-2018-2575
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, and 12.2.0.1. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with network access via multiple protocols to compromise Core RDBMS. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Core RDBMS accessible data. • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/102547 http://www.securitytracker.com/id/1040196 •
CVSS: 8.3EPSS: 0%CPEs: 3EXPL: 0CVE-2018-2680
https://notcve.org/view.php?id=CVE-2018-2680
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java VM. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java VM, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java VM. • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.securityfocus.com/bid/102571 http://www.securitytracker.com/id/1040196 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-3562
https://notcve.org/view.php?id=CVE-2016-3562
Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality via vectors related to DBA. Vulnerabilidad no especificada en los componentes RDBMS Security y SQL*Plus en Oracle Database Server 11.2.0.4 y 12.1.0.2 permite a administradores remotos afectar la confidencialidad a través de vectores relacionados con DBA. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93640 http://www.securitytracker.com/id/1037035 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5555
https://notcve.org/view.php?id=CVE-2016-5555
Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente OJVM en Oracle Database Server 11.2.0.4 y 12.1.0.2 permite a administradores remotos afectar la confidencialidad, la integridad y la disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93615 http://www.securitytracker.com/id/1037035 •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5499
https://notcve.org/view.php?id=CVE-2016-5499
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5498. Vulnerabilidad no especificada en el componente RDBMS Security en Oracle Database Server 11.2.0.4 y 12.1.0.2 permite a usuarios locales afectar la confidencialidad a través de vectores desconocidos, una vulnerabilidad diferente a CVE-2016-5498. • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.securityfocus.com/bid/93629 http://www.securitytracker.com/id/1037035 • CWE-264: Permissions, Privileges, and Access Controls •