96 results (0.037 seconds)

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0

Vulnerability in the Application Express component of Oracle Database Server. Supported versions that are affected are 5.1 and 18.2. Easily exploitable vulnerability allows low privileged attacker having Valid Account privilege with network access via HTTP to compromise Application Express. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Application Express, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Application Express accessible data as well as unauthorized read access to a subset of Application Express accessible data. • http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html •

CVSS: 4.0EPSS: 0%CPEs: 6EXPL: 0

Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors. Vulnerabilidad no especificada en el Core RDBMS, componente de la Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, y 11.1.0.6 con un impacto desconocido y vector de ataque de atenticación remota. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 http://secunia.com/advisories/31087 http://secunia.com/advisories/31113 http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html http://www.securitytracker.com/id?1020499 http://www.vupen.com/english/advisories/2008/2109/references http://www.vupen.com/english/advisories/2008/2115 •

CVSS: 1.5EPSS: 0%CPEs: 7EXPL: 0

Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors. Vulnerabilidad no especificada en el componente Advanced Replication component de Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, y 10.2.0.3 tiene un impacto desconocido y vectores de ataque locales. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 http://secunia.com/advisories/31087 http://secunia.com/advisories/31113 http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html http://www.securitytracker.com/id?1020499 http://www.vupen.com/english/advisories/2008/2109/references http://www.vupen.com/english/advisories/2008/2115 •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_DEFER_SYS. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this is a SQL injection vulnerability in the DELETE_TRAN procedure. Una vulnerabilidad no especificada en el componente Replicación Advanced en Database de Oracle versiones 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4 y 11.1.0.6, presenta un impacto desconocido y vectores de ataque autenticados remotos relacionados con SYS.DBMS_DEFER_SYS. NOTA: la información anterior fue obtenida de la CPU de julio de 2008 de Oracle. • http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c00727143 http://secunia.com/advisories/31087 http://secunia.com/advisories/31113 http://www.oracle.com/technetwork/topics/security/cpujul2008-090335.html http://www.securityfocus.com/archive/1/495094/100/0/threaded http://www.securityfocus.com/archive/1/495336/100/0/threaded http://www.securitytracker.com/id?1020499 http://www.vupen.com/english/advisories/2008/2109/references http://www.vupen.com/english/advisories/ •

CVSS: 9.0EPSS: 0%CPEs: 5EXPL: 0

Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 have unknown impact and remote attack vectors related to (1) SDO_IDX in the Spatial component, aka DB07; and (2) Core RDBMS, aka DB10. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB07 is SQL injection. Múltiples vulnerabilidades no especificadas en Oracle Database versiones 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3 y 11.1.0.6, presenta un impacto desconocido y vectores de ataque remotos relacionados con (1) SDO_IDX en el componente Spatial, también se conoce como DB07; y (2) Core RDBMS, también se conoce como DB10. NOTA: la información anterior fue obtenida de la CPU de Oracle. • http://secunia.com/advisories/29829 http://secunia.com/advisories/29874 http://www.oracle.com/technetwork/topics/security/cpuapr2008-082075.html http://www.red-database-security.com/advisory/oracle_sql_injection_sdo_idx.html http://www.securityfocus.com/archive/1/490920/100/0/threaded http://www.securityfocus.com/archive/1/491024/100/0/threaded http://www.securitytracker.com/id?1019855 http://www.vupen.com/english/advisories/2008/1233/references http://www.vupen.com/english/advisorie •