CVSS: 3.6EPSS: 0%CPEs: 5EXPL: 0CVE-2010-4420
https://notcve.org/view.php?id=CVE-2010-4420
Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows local users to affect confidentiality and integrity via unknown vectors. Vulnerabilidad no especificada en el componente Oracle Database Vault en Oracle Database Server v10.2.0.3, v10.2.0.4, v10.2.0.5, v11.1.0.7 y v11.2.0.1 permite a usuarios locales afectar a la confidencialidad y la integridad a través de vectores desconocidos. • http://secunia.com/advisories/42895 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45855 http://www.securitytracker.com/id?1024972 http://www.vupen.com/english/advisories/2011/0139 https://exchange.xforce.ibmcloud.com/vulnerabilities/64760 •
CVSS: 6.9EPSS: 0%CPEs: 4EXPL: 0CVE-2010-4423
https://notcve.org/view.php?id=CVE-2010-4423
Unspecified vulnerability in the Cluster Verify Utility component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1, when running on Windows, allows local users to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad sin especificar en el componente "Cluster Verify Utility" (utilidad de verificación de cluster) de Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, y 11.2.0.1. Si se ejecuta en Windows, permite a usuarios locales afectar la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://secunia.com/advisories/42895 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45859 http://www.securitytracker.com/id?1024972 http://www.vupen.com/english/advisories/2011/0139 https://exchange.xforce.ibmcloud.com/vulnerabilities/64756 •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2010-4413
https://notcve.org/view.php?id=CVE-2010-4413
Unspecified vulnerability in the Scheduler Agent component in Oracle Database Server 11.1.0.7 and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. Una vulnerabilidad no especificada en el componente "Scheduler Agent" de Oracle Database Server v11.1.0.7 y v11.2.0.1 permite a usuarios remotos autenticados afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://secunia.com/advisories/42895 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45845 http://www.securitytracker.com/id?1024972 http://www.vupen.com/english/advisories/2011/0139 https://exchange.xforce.ibmcloud.com/vulnerabilities/64759 •
CVSS: 10.0EPSS: 97%CPEs: 3EXPL: 2CVE-2010-3600 – Oracle Database and Enterprise Manager Grid Control Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3600
Unspecified vulnerability in the Client System Analyzer component in Oracle Database Server 11.1.0.7 and 11.2.0.1 and Enterprise Manager Grid Control 10.2.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that this issue involves an exposed JSP script that accepts XML uploads in conjunction with NULL bytes in an unspecified parameter that allow execution of arbitrary code. Una vulnerabilidad no especificada en el componente Client System Analyzer en Database Server versiones 11.1.0.7 y 11.2.0.1 y Enterprise Manager Grid Control versión 10.2.0.5, de Oracle, permite a los atacantes remotos afectar la confidencialidad, integridad y disponibilidad por medio de vectores desconocidos. NOTA: la información anterior fue obtenida de la CPU de enero de 2011. • https://www.exploit-db.com/exploits/22714 https://github.com/LAITRUNGMINHDUC/CVE-2010-3600-PythonHackOracle11gR2 http://secunia.com/advisories/42895 http://secunia.com/advisories/42921 http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html http://www.securityfocus.com/bid/45883 http://www.securitytracker.com/id?1024972 http://www.vupen.com/english/advisories/2011/0139 http://www.vupen.com/english/advisories/2011/0140 http://www.zerodayinitiative.com/advisories/ZDI-11-018&# •
CVSS: 4.9EPSS: 6%CPEs: 4EXPL: 0CVE-2010-2415 – Oracle DB SQL Injection Via SYS.DBMS_CDC_PUBLISH.CREATE_CHANGE_SET
https://notcve.org/view.php?id=CVE-2010-2415
Unspecified vulnerability in the Change Data Capture component in Oracle Database Server 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality and integrity, related to DBMS_CDC_PUBLISH. Vulnerabilidad no especificada en el componente Change Data Capture en Oracle Database Server v10.1.0.5, v10.2.0.4, v11.1.0.7, y v11.2.0.1 permite a usuarios remotos autenticados afectar a la confidencialidad y la integridad, relacionados con DBMS_CDC_PUBLISH. • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html http://www.us-cert.gov/cas/techalerts/TA10-287A.html •