CVSS: 10.0EPSS: 2%CPEs: 7EXPL: 0CVE-2006-0286
https://notcve.org/view.php?id=CVE-2006-0286
18 Jan 2006 — Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10.1.0.5, and Application Server 1.0.2.2, 9.0.4.2, and 10.1.2.0.2, has unspecified impact and attack vectors, as identified by Oracle Vuln# OHS01. • http://secunia.com/advisories/18493 •
CVSS: 9.8EPSS: 0%CPEs: 101EXPL: 0CVE-2005-3641
https://notcve.org/view.php?id=CVE-2005-3641
16 Nov 2005 — Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username. • http://www.ngssoftware.com/papers/database-on-xp.pdf •
CVSS: 10.0EPSS: 8%CPEs: 1EXPL: 1CVE-2005-3438
https://notcve.org/view.php?id=CVE-2005-3438
02 Nov 2005 — Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB04 in Change Data Capture; (2) DB06 in Data Guard Logical Standby; (3) DB10 in Locale; (4) DB12 in Materialized Views; (5) DB13 in Objects Extension; (6) DB15 in Oracle Label Security; (7) DB27 in Security, possibly due to a buffer overflow in sys.pbsde.init; and (8) DB28 and (9) DB29 in Workspace Manager. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-October/038061.html •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2005-3441
https://notcve.org/view.php?id=CVE-2005-3441
02 Nov 2005 — Unspecified vulnerability in Intelligent Agent in Oracle Database Server 9i up to 9.0.1.5 has unknown impact and attack vectors, aka Oracle Vuln# DB14. • http://secunia.com/advisories/17250 •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2005-3442
https://notcve.org/view.php?id=CVE-2005-3442
02 Nov 2005 — Multiple unspecified vulnerabilities in Oracle Database Server 8i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB09 in Export, (2) DB11 in Materialized Views, and (3) DB16 in Security Service. • http://secunia.com/advisories/17250 •
CVSS: 10.0EPSS: 2%CPEs: 4EXPL: 0CVE-2005-3444
https://notcve.org/view.php?id=CVE-2005-3444
02 Nov 2005 — Multiple unspecified vulnerabilities in the Programmatic Interface in Oracle Database Server from 8i up to 9.2.0.5 have unknown impact and attack vectors, aka Oracle Vuln# DB26. • http://secunia.com/advisories/17250 •
CVSS: 10.0EPSS: 2%CPEs: 15EXPL: 0CVE-2005-3445
https://notcve.org/view.php?id=CVE-2005-3445
02 Nov 2005 — Multiple unspecified vulnerabilities in HTTP Server in Oracle Database Server 8i up to 10.1.0.4.2 and Application Server 1.0.2.2 up to 10.1.2.0 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB30 and AS03 or (2) DB31 and AS05. • http://secunia.com/advisories/17250 •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2005-0298
https://notcve.org/view.php?id=CVE-2005-0298
10 Feb 2005 — The DIRECTORY objects in Oracle 8i through Oracle 10g contain the location of a specific operating system directory, which allows users with read privileges to a DIRECTORY object to obtain sensitive information. • http://marc.info/?l=bugtraq&m=110608912525883&w=2 •
CVSS: 7.1EPSS: 0%CPEs: 4EXPL: 0CVE-2004-2345
https://notcve.org/view.php?id=CVE-2004-2345
31 Dec 2004 — Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 allow local users with the ability to invoke SQL to cause a denial of service or obtain sensitive information. • http://otn.oracle.com/deploy/security/pdf/2004alert64.pdf •
CVSS: 9.1EPSS: 2%CPEs: 87EXPL: 0CVE-2004-1362
https://notcve.org/view.php?id=CVE-2004-1362
04 Aug 2004 — The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not perform character conversions properly, which allows remote attackers to bypass access restrictions for certain procedures via an encoded URL with "%FF" encoded sequences that are improperly converted to "Y" characters. • http://marc.info/?l=bugtraq&m=110382306006205&w=2 •