CVSS: 10.0EPSS: 0%CPEs: 15EXPL: 0CVE-2005-3445
https://notcve.org/view.php?id=CVE-2005-3445
Multiple unspecified vulnerabilities in HTTP Server in Oracle Database Server 8i up to 10.1.0.4.2 and Application Server 1.0.2.2 up to 10.1.2.0 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB30 and AS03 or (2) DB31 and AS05. • http://secunia.com/advisories/17250 http://www.kb.cert.org/vuls/id/210524 http://www.kb.cert.org/vuls/id/890940 http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html http://www.securityfocus.com/bid/15134 http://www.us-cert.gov/cas/techalerts/TA05-292A.html •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2005-3438
https://notcve.org/view.php?id=CVE-2005-3438
Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB04 in Change Data Capture; (2) DB06 in Data Guard Logical Standby; (3) DB10 in Locale; (4) DB12 in Materialized Views; (5) DB13 in Objects Extension; (6) DB15 in Oracle Label Security; (7) DB27 in Security, possibly due to a buffer overflow in sys.pbsde.init; and (8) DB28 and (9) DB29 in Workspace Manager. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038061.html http://secunia.com/advisories/17250 http://www.kb.cert.org/vuls/id/210524 http://www.kb.cert.org/vuls/id/449444 http://www.oracle.com/technetwork/topics/security/cpuoct2005-090497.html http://www.securityfocus.com/bid/15134 http://www.us-cert.gov/cas/techalerts/TA05-292A.html •
CVSS: 5.0EPSS: 0%CPEs: 12EXPL: 0CVE-2005-0298
https://notcve.org/view.php?id=CVE-2005-0298
The DIRECTORY objects in Oracle 8i through Oracle 10g contain the location of a specific operating system directory, which allows users with read privileges to a DIRECTORY object to obtain sensitive information. • http://marc.info/?l=bugtraq&m=110608912525883&w=2 http://www.oracle.com/technology/deploy/security/pdf/cpu-jan-2005_advisory.pdf http://www.petefinnigan.com/directory_traversal.pdf https://exchange.xforce.ibmcloud.com/vulnerabilities/18947 •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2004-2345
https://notcve.org/view.php?id=CVE-2004-2345
Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 allow local users with the ability to invoke SQL to cause a denial of service or obtain sensitive information. • http://otn.oracle.com/deploy/security/pdf/2004alert64.pdf http://www.securityfocus.com/bid/9705 https://exchange.xforce.ibmcloud.com/vulnerabilities/15271 •
CVSS: 6.5EPSS: 0%CPEs: 14EXPL: 0CVE-2004-1338
https://notcve.org/view.php?id=CVE-2004-1338
The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partially privileged actions: using CCBKAPPLROWTRIG or EXEC_CBK_FN_DML to add arbitrary functions to the SDO_CMT_DBK_FN_TABLE and SDO_CMT_CBK_DML_TABLE, then performing a DELETE on the SDO_TXN_IDX_INSERTS table, which causes the SDO_CMT_CBK_TRIG trigger to execute the user-supplied functions. • http://marc.info/?l=bugtraq&m=110382230614420&w=2 http://www.ngssoftware.com/advisories/oracle23122004I.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/18655 • CWE-264: Permissions, Privileges, and Access Controls •