CVSS: 6.6EPSS: 0%CPEs: 4EXPL: 0CVE-2019-2571
https://notcve.org/view.php?id=CVE-2019-2571
Vulnerability in the RDBMS DataPump component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Difficult to exploit vulnerability allows high privileged attacker having DBA role privilege with network access via Oracle Net to compromise RDBMS DataPump. Successful attacks of this vulnerability can result in takeover of RDBMS DataPump. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2019-2518
https://notcve.org/view.php?id=CVE-2019-2518
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can result in takeover of Java VM. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2019-2582
https://notcve.org/view.php?id=CVE-2019-2582
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 18c. Easily exploitable vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Core RDBMS. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Core RDBMS accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 9.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-2517
https://notcve.org/view.php?id=CVE-2019-2517
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attacker having DBFS_ROLE privilege with network access via Oracle Net to compromise Core RDBMS. While the vulnerability is in Core RDBMS, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Core RDBMS. • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 8.2EPSS: 0%CPEs: 4EXPL: 0CVE-2019-2516
https://notcve.org/view.php?id=CVE-2019-2516
Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attacker having Grid Infrastructure User privilege with logon to the infrastructure where Portable Clusterware executes to compromise Portable Clusterware. While the vulnerability is in Portable Clusterware, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Portable Clusterware. • http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •