CVSS: 7.1EPSS: 1%CPEs: 38EXPL: 0CVE-2006-1705
https://notcve.org/view.php?id=CVE-2006-1705
11 Apr 2006 — Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-April/044990.html •
CVSS: 9.8EPSS: 4%CPEs: 60EXPL: 0CVE-2006-0552
https://notcve.org/view.php?id=CVE-2006-0552
04 Feb 2006 — Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11. • http://secunia.com/advisories/18493 •
CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 0CVE-2006-0269
https://notcve.org/view.php?id=CVE-2006-0269
18 Jan 2006 — Unspecified vulnerability in the Streams Capture component of Oracle Database server 10.1.0.5 and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB25. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the SET_DIRECTORY_ROOT function in the DBMS_CDC_PUBLISH package. • http://secunia.com/advisories/18493 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 49%CPEs: 27EXPL: 10CVE-2005-4832 – Oracle 10g Database - 'SUBSCRIPTION_NAME' SQL Injection
https://notcve.org/view.php?id=CVE-2005-4832
31 Dec 2005 — SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197. • https://packetstorm.news/files/id/180720 •