CVSS: 8.3EPSS: 1%CPEs: 248EXPL: 6CVE-2021-2351 – Oracle Database Weak NNE Integrity Key Derivation
https://notcve.org/view.php?id=CVE-2021-2351
20 Jul 2021 — Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Advanced Networking Option, attacks may significantly impact additional products. Successful atta... • https://packetstorm.news/files/id/165258 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-384: Session Fixation •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2021-20227 – Ubuntu Security Notice USN-4732-1
https://notcve.org/view.php?id=CVE-2021-20227
11 Feb 2021 — A flaw was found in SQLite's SELECT query functionality (src/select.c). This flaw allows an attacker who is capable of running SQL queries locally on the SQLite database to cause a denial of service or possible code execution by triggering a use-after-free. The highest threat from this vulnerability is to system availability. Se encontró un fallo en la funcionalidad de consulta SELECT de SQLite (src/select.c). Este fallo permite a un atacante que es capaz de ejecutar consultas SQL localmente en la base... • https://bugzilla.redhat.com/show_bug.cgi?id=1924886 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 1%CPEs: 429EXPL: 0CVE-2019-10219 – hibernate-validator: safeHTML validator allows XSS
https://notcve.org/view.php?id=CVE-2019-10219
08 Nov 2019 — A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack. Una vulnerabilidad fue encontrada en Hibernate-Validator. La anotación del validador SafeHtml no puede sanear apropiadamente las cargas útiles que consisten en código potencialmente malicioso en los comentarios e instrucciones HTML. • https://access.redhat.com/errata/RHSA-2020:0159 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0CVE-2015-2646
https://notcve.org/view.php?id=CVE-2015-2646
16 Jul 2015 — Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin for DB: 12.1.0.5, 12.1.0.6, 12.1.0.7; EM DB Control: 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote attackers to affect integrity via unknown vectors related to Content Management. Vulnerabilidad no especificada en el componente Enterprise Manager for Oracle Database en Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin fo... • http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html •
CVSS: 9.6EPSS: 0%CPEs: 7EXPL: 0CVE-2015-2647
https://notcve.org/view.php?id=CVE-2015-2647
16 Jul 2015 — Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; and EM DB Control 11.1.0.7, 11.2.0.3, and 11.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Content Management. Vulnerabilidad no especificada en el componente Enterprise Manager for Oracle Database en Oracle Enterprise Manager Grid Control EM Base P... • http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html •
CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0CVE-2015-4735
https://notcve.org/view.php?id=CVE-2015-4735
16 Jul 2015 — Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1, and EM DB Control 11.2.0.3 and 11.2.0.4, allows remote attackers to affect confidentiality via vectors related to RAC Management. Vulnerabilidad no especificada en el componente Enterprise Manager for Oracle Database en Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1 y EM DB Control 11.2.0.3 y 11.2.0.4, permite a atacantes remotos afectar la ... • http://lists.opensuse.org/opensuse-security-announce/2015-08/msg00003.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.1EPSS: 0%CPEs: 8EXPL: 0CVE-2014-6488
https://notcve.org/view.php?id=CVE-2014-6488
15 Oct 2014 — Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 10.2.0.5, 11.1.0.1 EM DB Control: 11.1.0.7, 11.2.0.3, 11.2.0.4 EM Plugin for DB: 12.1.0.4, 12.1.0.5, and 12.1.0.6 allows remote authenticated users to affect integrity via unknown vectors related to Content Management. Vulnerabilidad sin especificar en el componente Enterprise Manager for Oracle Database en Oracle Enterprise Manager Grid Control EM Base Platform: 10.2... • http://secunia.com/advisories/61727 •
CVSS: 8.1EPSS: 0%CPEs: 6EXPL: 0CVE-2013-5827
https://notcve.org/view.php?id=CVE-2013-5827
16 Oct 2013 — Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 allows remote attackers to affect integrity via unknown vectors related to Storage Management. Vulnerabilidad no especificada en el componente Enterprise Manager Base Platform en Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 y 11.1.0.1; EM DB Control 11.1.0... • http://secunia.com/advisories/55322 •
CVSS: 8.1EPSS: 0%CPEs: 7EXPL: 0CVE-2013-5828
https://notcve.org/view.php?id=CVE-2013-5828
16 Oct 2013 — Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2 and 12.1.0.3 allows remote attackers to affect integrity via unknown vectors related to Storage Management. Vulnerabilidad no especificada en el componente Enterprise Manager Base Platform de Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 y 11.1.0.1; EM DB C... • http://secunia.com/advisories/55322 •
CVSS: 6.5EPSS: 0%CPEs: 8EXPL: 0CVE-2013-3762
https://notcve.org/view.php?id=CVE-2013-3762
16 Oct 2013 — Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 and 11.1.0.1; EM DB Control 11.1.0.7, 11.2.0.2, and 11.2.0.3; and EM Plugin for DB 12.1.0.2, 12.1.0.3, and 12.1.0.4 allows remote attackers to affect integrity via unknown vectors related to Schema Management. Vulnerabilidad sin especificar en el componente Enterprise Manager Base Platform de Oracle Enterprise Manager Grid Control EM Base Platform 10.2.0.5 y 11.1.0.... • http://secunia.com/advisories/55322 •