CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21934
https://notcve.org/view.php?id=CVE-2023-21934
18 Apr 2023 — Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows low privileged attacker having User Account privilege with network access via TLS to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data as well as unauthorized access to critical data or complete access to all Java VM acces... • https://www.oracle.com/security-alerts/cpuapr2023.html •
CVSS: 6.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21918
https://notcve.org/view.php?id=CVE-2023-21918
18 Apr 2023 — Vulnerability in the Oracle Database Recovery Manager component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local SYSDBA privilege with network access via Oracle Net to compromise Oracle Database Recovery Manager. While the vulnerability is in Oracle Database Recovery Manager, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in u... • https://www.oracle.com/security-alerts/cpuapr2023.html •
CVSS: 7.6EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21893 – Oracle ODP.NET Managed Driver Improper Certificate Validation Vulnerability
https://notcve.org/view.php?id=CVE-2023-21893
17 Jan 2023 — Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TCPS to compromise Oracle Data Provider for .NET. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Data Provider for .NET. • https://www.oracle.com/security-alerts/cpujan2023.html • CWE-284: Improper Access Control •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21829
https://notcve.org/view.php?id=CVE-2023-21829
17 Jan 2023 — Vulnerability in the Oracle Database RDBMS Security component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle Database RDBMS Security. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification acces... • https://www.oracle.com/security-alerts/cpujan2023.html •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2023-21827
https://notcve.org/view.php?id=CVE-2023-21827
17 Jan 2023 — Vulnerability in the Oracle Database Data Redaction component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle Database Data Redaction. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Database Data Redaction accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts)... • https://www.oracle.com/security-alerts/cpujan2023.html •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2022-21603
https://notcve.org/view.php?id=CVE-2022-21603
18 Oct 2022 — Vulnerability in the Oracle Database - Sharding component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Local Logon to compromise Oracle Database - Sharding. Successful attacks of this vulnerability can result in takeover of Oracle Database - Sharding. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). • https://www.oracle.com/security-alerts/cpuoct2022.html •
CVSS: 6.8EPSS: 0%CPEs: 3EXPL: 0CVE-2022-21565
https://notcve.org/view.php?id=CVE-2022-21565
19 Jul 2022 — Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java VM accessible data. CVSS 3.1 Base Score 6.5 (Integrity impacts). • https://www.oracle.com/security-alerts/cpujul2022.html •
CVSS: 3.3EPSS: 0%CPEs: 3EXPL: 0CVE-2022-21432
https://notcve.org/view.php?id=CVE-2022-21432
19 Jul 2022 — Vulnerability in the Oracle Database - Enterprise Edition RDBMS Security component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 19c and 21c. Easily exploitable vulnerability allows high privileged attacker having DBA role privilege with network access via Oracle Net to compromise Oracle Database - Enterprise Edition RDBMS Security. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Database... • https://www.oracle.com/security-alerts/cpujul2022.html •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2020-35169
https://notcve.org/view.php?id=CVE-2020-35169
11 Jul 2022 — Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.5.2, contain an Improper Input Validation Vulnerability. Dell BSAFE Crypto-C Micro Edition, versiones anteriores a 4.1.5, y Dell BSAFE Micro Edition Suite, versiones anteriores a 4.5.2, contienen una vulnerabilidad de Comprobación de Entrada Inapropiada • https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities • CWE-20: Improper Input Validation CWE-347: Improper Verification of Cryptographic Signature •
CVSS: 9.8EPSS: 0%CPEs: 11EXPL: 0CVE-2020-35168
https://notcve.org/view.php?id=CVE-2020-35168
11 Jul 2022 — Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. Dell BSAFE Crypto-C Micro Edition, versiones anteriores a 4.1.5, y Dell BSAFE Micro Edition Suite, versiones anteriores a 4.6, contienen una vulnerabilidad de Discrepancia de Tiempo Observable • https://www.dell.com/support/kbdoc/en-us/000181115/dsa-2020-286-dell-bsafe-crypto-c-micro-edition-4-1-5-and-dell-bsafe-micro-edition-suite-4-6-multiple-security-vulnerabilities • CWE-311: Missing Encryption of Sensitive Data •