CVE Daily
← All tags

Tag: Oracle Database

All CVEs associated with "Oracle Database". Page 2/6 • 656 CVEs.

Subscribe CVEs: RSS for “Oracle Database”  ·  RSS (High+Critical only)

About “Oracle Database”

A curated feed of “Oracle Database”-related CVEs appears below. We currently track 656 CVEs for this tag (all time). In the last 365 days, 21 were published. Average CVSS is 6.1 (all time; 6.0 over 365d), and 34% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-284 - Improper Access Control, CWE-400 - Uncontrolled Resource Consumption, CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor.

In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2020-07-15
Medium

CVE-2020-2972

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
Medium

CVE-2020-2971

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker…

CVSS: 5.4 CWE: N/A View on NVD
Medium

CVE-2020-2969

Vulnerability in the Data Pump component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows high…

CVSS: 6.6 CWE: N/A View on NVD
High

CVE-2020-2968

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low pri…

CVSS: 8.0 CWE: N/A View on NVD
Medium

CVE-2020-2513

Vulnerability in the Oracle Application Express component of Oracle Database Server. Supported versions that are affected are 5.1-19.2. Easily exploitable vulnerability allows low privileged attacker…

CVSS: 5.4 CWE: CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') View on NVD
2020-04-15
Medium

CVE-2020-2737

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows high…

CVSS: 6.4 CWE: N/A View on NVD
High

CVE-2020-2735

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low pri…

CVSS: 8.0 CWE: N/A View on NVD
Low

CVE-2020-2734

Vulnerability in the RDBMS/Optimizer component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privil…

CVSS: 2.4 CWE: N/A View on NVD
Medium

CVE-2020-2514

Vulnerability in the Oracle Application Express component of Oracle Database Server. The supported version that is affected is Prior to 19.2. Easily exploitable vulnerability allows low privileged at…

CVSS: 4.6 CWE: N/A View on NVD
2020-01-15
Low

CVE-2020-2731

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged a…

CVSS: 3.9 CWE: N/A View on NVD
Medium

CVE-2020-2641

Vulnerability in the Enterprise Manager for Oracle Database product of Oracle Enterprise Manager (component: Discovery Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3…

CVSS: 6.0 CWE: N/A View on NVD
Medium

CVE-2020-2640

Vulnerability in the Enterprise Manager for Oracle Database product of Oracle Enterprise Manager (component: Target Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0…

CVSS: 6.0 CWE: N/A View on NVD
Medium

CVE-2020-2638

Vulnerability in the Enterprise Manager for Oracle Database product of Oracle Enterprise Manager (component: Enterprise Config Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0…

CVSS: 6.0 CWE: N/A View on NVD
Medium

CVE-2020-2637

Vulnerability in the Enterprise Manager for Oracle Database product of Oracle Enterprise Manager (component: Change Manager - web based). Supported versions that are affected are 12.1.0.5, 13.2.0.0 a…

CVSS: 6.0 CWE: N/A View on NVD
Low

CVE-2020-2569

Vulnerability in the Oracle Applications DBA component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability…

CVSS: 3.9 CWE: N/A View on NVD
Low

CVE-2020-2568

Vulnerability in the Oracle Applications DBA component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low…

CVSS: 3.9 CWE: N/A View on NVD
Medium

CVE-2020-2527

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged…

CVSS: 4.1 CWE: N/A View on NVD
High

CVE-2020-2518

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low pri…

CVSS: 7.5 CWE: N/A View on NVD
Low

CVE-2020-2517

Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c. Difficult to exploit vulnerabi…

CVSS: 3.3 CWE: N/A View on NVD
Low

CVE-2020-2516

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged…

CVSS: 2.4 CWE: N/A View on NVD
Medium

CVE-2020-2515

Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerabil…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2020-2512

Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerabil…

CVSS: 5.9 CWE: N/A View on NVD
High

CVE-2020-2511

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged a…

CVSS: 7.7 CWE: N/A View on NVD
High

CVE-2020-2510

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows unau…

CVSS: 7.5 CWE: N/A View on NVD
2019-10-16
Medium

CVE-2019-2956

Vulnerability in the Core RDBMS (jackson-databind) component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allo…

CVSS: 5.7 CWE: N/A View on NVD
Low

CVE-2019-2955

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low pr…

CVSS: 3.9 CWE: N/A View on NVD
Low

CVE-2019-2954

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low pr…

CVSS: 3.9 CWE: N/A View on NVD
Low

CVE-2019-2940

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attac…

CVSS: 2.3 CWE: N/A View on NVD
Medium

CVE-2019-2939

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker ha…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2019-2913

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker ha…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2019-2909

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows unauthe…

CVSS: 6.8 CWE: N/A View on NVD
Medium

CVE-2019-2734

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker ha…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2018-2875

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker ha…

CVSS: 5.0 CWE: N/A View on NVD
2019-08-30
Medium

CVE-2019-11658

Information exposure in Micro Focus Content Manager, versions 9.1, 9.2 and 9.3. This vulnerability when configured to use an Oracle database, allows valid system users to gain access to a limited sub…

CVSS: 4.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2019-07-23
High

CVE-2019-2799

Vulnerability in the Oracle ODBC Driver component of Oracle Database Server<span class=font-red><b> ***PRIVILEGE CANNOT BE NONE FOR AUTHENTICATED ATTACKS***</b></span>. Supported versions that are af…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2019-2776

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged…

CVSS: 7.6 CWE: N/A View on NVD
Medium

CVE-2019-2753

Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privil…

CVSS: 4.6 CWE: N/A View on NVD
Medium

CVE-2019-2749

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low pri…

CVSS: 6.8 CWE: N/A View on NVD
Medium

CVE-2019-2569

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult to exploit vulnerability allows high privilege…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2019-2484

Vulnerability in the Application Express component of Oracle Database Server. Supported versions that are affected are 5.1 and 18.2. Easily exploitable vulnerability allows low privileged attacker ha…

CVSS: 5.4 CWE: N/A View on NVD
2019-04-23
High

CVE-2019-2619

Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows h…

CVSS: 8.2 CWE: N/A View on NVD
Medium

CVE-2019-2582

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 18c. Easily exploitable vulnerability allows unauthenticated attacker with n…

CVSS: 5.3 CWE: N/A View on NVD
Medium

CVE-2019-2571

Vulnerability in the RDBMS DataPump component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Difficult to exploit vulnerability allows high…

CVSS: 6.6 CWE: N/A View on NVD
High

CVE-2019-2518

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low pri…

CVSS: 7.5 CWE: N/A View on NVD
Critical

CVE-2019-2517

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attacker having…

CVSS: 9.1 CWE: N/A View on NVD
High

CVE-2019-2516

Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows h…

CVSS: 8.2 CWE: N/A View on NVD
2019-01-16
Low

CVE-2019-2547

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged…

CVSS: 3.5 CWE: N/A View on NVD
High

CVE-2019-2444

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged attacker having…

CVSS: 8.2 CWE: N/A View on NVD
High

CVE-2019-2406

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attac…

CVSS: 7.2 CWE: N/A View on NVD
2018-10-17
High

CVE-2018-3299

Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows unauthenticated…

CVSS: 8.2 CWE: N/A View on NVD
Critical

CVE-2018-3259

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows unauthenticate…

CVSS: 9.8 CWE: N/A View on NVD
2018-08-10
Critical

CVE-2018-3110

A vulnerability was discovered in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18. Easily exploitable vulnerability allow…

CVSS: 9.9 CWE: N/A View on NVD
2018-07-18
Medium

CVE-2018-3004

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2,12.2.0.1 and 18.2. Difficult to exploit vulnerability allows low privileg…

CVSS: 5.3 CWE: N/A View on NVD
High

CVE-2018-2939

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18.1 and 18.2. Easily exploitable vulnerability allows low…

CVSS: 8.4 CWE: N/A View on NVD
2018-04-19
High

CVE-2018-2841

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult to exploit vulnerability allows low privileged at…

CVSS: 8.5 CWE: N/A View on NVD
2018-01-18
Medium

CVE-2018-2699

Vulnerability in the Application Express component of Oracle Database Server. The supported version that is affected is Prior to 5.1.4.00.08. Easily exploitable vulnerability allows unauthenticated a…

CVSS: 6.1 CWE: N/A View on NVD
High

CVE-2018-2680

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult to exploit vulnerability allows unauthenticated a…

CVSS: 8.3 CWE: N/A View on NVD
Low

CVE-2018-2575

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, and 12.2.0.1. Difficult to exploit vulnerability allows high privileg…

CVSS: 2.0 CWE: N/A View on NVD
Critical

CVE-2017-10282

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker h…

CVSS: 9.1 CWE: N/A View on NVD
2017-10-19
High

CVE-2017-10321

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows low privileged a…

CVSS: 8.8 CWE: N/A View on NVD
Low

CVE-2017-10292

Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privile…

CVSS: 2.3 CWE: CWE-269 - Improper Privilege Management View on NVD
Medium

CVE-2017-10261

Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker…

CVSS: 6.5 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
High

CVE-2017-10190

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged att…

CVSS: 8.2 CWE: N/A View on NVD
2017-08-08
Critical

CVE-2017-10202

Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows low privileged attacke…

CVSS: 9.9 CWE: N/A View on NVD
Low

CVE-2017-10120

Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having…

CVSS: 1.9 CWE: N/A View on NVD
2017-04-24
Medium

CVE-2017-3567

Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows low privileged attacker having…

CVSS: 5.3 CWE: N/A View on NVD
High

CVE-2017-3486

Vulnerability in the SQL*Plus component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker h…

CVSS: 7.2 CWE: N/A View on NVD
2017-01-27
Critical

CVE-2017-3310

Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having C…

CVSS: 9.0 CWE: N/A View on NVD
Low

CVE-2017-3240

Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Loc…

CVSS: 3.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2016-12-09
Critical

CVE-2016-9013

Django 1.8.x before 1.8.16, 1.9.x before 1.9.11, and 1.10.x before 1.10.3 use a hardcoded password for a temporary database user created when running tests with an Oracle database, which makes it eas…

CVSS: 9.8 CWE: CWE-798 - Use of Hard-coded Credentials View on NVD
2016-10-25
Medium

CVE-2016-5572

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.

CVSS: 6.4 CWE: CWE-264 View on NVD
Critical

CVE-2016-5555

Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality, integrity, and availability via unknown vectors.

CVSS: 9.1 CWE: N/A View on NVD
Medium

CVE-2016-5516

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect availability via unknown vectors.

CVSS: 6.0 CWE: N/A View on NVD
Medium

CVE-2016-5505

Unspecified vulnerability in the RDBMS Programmable Interface component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors.

CVSS: 5.5 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Low

CVE-2016-5499

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability t…

CVSS: 3.3 CWE: CWE-264 View on NVD
Low

CVE-2016-5498

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability t…

CVSS: 3.3 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Medium

CVE-2016-5497

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.

CVSS: 6.4 CWE: CWE-284 - Improper Access Control View on NVD
Low

CVE-2016-3562

Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality via vectors related to D…

CVSS: 2.4 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2016-07-21
Critical

CVE-2016-3609

Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via…

CVSS: 9.0 CWE: N/A View on NVD
High

CVE-2016-3506

Unspecified vulnerability in the JDBC component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2; the Oracle Retail Xstore Point of Service 5.5, 6.0, 6.5, 7.0, 7.1, 15.0, and 16.0; the Orac…

CVSS: 8.1 CWE: N/A View on NVD
Medium

CVE-2016-3489

Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via un…

CVSS: 6.7 CWE: N/A View on NVD
Medium

CVE-2016-3488

Unspecified vulnerability in the DB Sharding component in Oracle Database Server 12.1.0.2 allows local users to affect integrity via unknown vectors.

CVSS: 4.4 CWE: N/A View on NVD
Low

CVE-2016-3484

Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality and integrity via unknown vectors.

CVSS: 3.4 CWE: N/A View on NVD
High

CVE-2016-3479

Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors.

CVSS: 7.5 CWE: N/A View on NVD
Medium

CVE-2016-3467

Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0.4 allows remote attackers to affect availability via unknown vectors.

CVSS: 5.8 CWE: N/A View on NVD
Medium

CVE-2016-3448

Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0.4 allows remote attackers to affect confidentiality and integrity via unknown vectors.

CVSS: 6.1 CWE: N/A View on NVD
2016-04-21
Critical

CVE-2016-3454

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknow…

CVSS: 9.0 CWE: N/A View on NVD
Low

CVE-2016-0691

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerabil…

CVSS: 3.3 CWE: N/A View on NVD
Low

CVE-2016-0690

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerabil…

CVSS: 3.3 CWE: N/A View on NVD
High

CVE-2016-0681

Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unspeci…

CVSS: 7.8 CWE: N/A View on NVD
Medium

CVE-2016-0677

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors.

CVSS: 5.9 CWE: N/A View on NVD
2016-01-21
Critical

CVE-2016-0499

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability…

CVSS: 9.0 CWE: N/A View on NVD
Medium

CVE-2016-0472

Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality and availability v…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2016-0467

Unspecified vulnerability in the Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect integrity via unknown vectors.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2016-0461

Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect availability via unknown vectors.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2015-4925

Unspecified vulnerability in the Workspace Manager component in Oracle Database Server 11.2.0.4 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown ve…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2015-4923

Unspecified vulnerability in the XML Developer's Kit for C component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect availability via unknown ve…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2015-4921

Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect integrity via unknown vectors.

CVSS: 4.0 CWE: N/A View on NVD
2015-10-21
Medium

CVE-2015-4900

Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and av…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2015-4894

Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server 10.3.0.3, 11.3.0.2, and 12.1.0.0 allows remote authenticated users to affect integrity and availability…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2015-4888

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability…

CVSS: 6.5 CWE: N/A View on NVD
High

CVE-2015-4873

Unspecified vulnerability in the Database Scheduler component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via…

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2015-4863

Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality, integrity, and availabili…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2015-4857

Unspecified vulnerability in the RDBMS component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

CVSS: 5.5 CWE: N/A View on NVD
Critical

CVE-2015-4796

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2, when running on Windows, allows remote authenticated users to affect confidentiality, in…

CVSS: 9.0 CWE: N/A View on NVD
Critical

CVE-2015-4794

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability…

CVSS: 9.0 CWE: N/A View on NVD
2015-07-16
Medium

CVE-2015-4755

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows remote attackers to affect confidentiality via unknown vectors.

CVSS: 5.0 CWE: N/A View on NVD
Low

CVE-2015-4753

Unspecified vulnerability in the RDBMS Support Tools component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality via unknown vectors.

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2015-4740

Unspecified vulnerability in the RDBMS Partitioning component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentialit…

CVSS: 6.0 CWE: N/A View on NVD
Medium

CVE-2015-4735

Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1, and EM DB Control 11.2.0.3 and 11.2.0.4, allows…

CVSS: 5.0 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
Medium

CVE-2015-2655

Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.3.00.08 allows remote authenticated users to affect confidentiality and integrity via unknown vecto…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2015-2647

Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform 11.1.0.1; EM Plugin for DB 12.1.0.5, 12.1.0.6, 12.1.0.7; a…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2015-2646

Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 11.1.0.1; EM Plugin for DB: 12.1.0.5, 12.1.0.6, 12.1.0.7;…

CVSS: 4.3 CWE: N/A View on NVD
Critical

CVE-2015-2629

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrit…

CVSS: 9.0 CWE: N/A View on NVD
Medium

CVE-2015-2599

Unspecified vulnerability in the RDBMS Scheduler component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality v…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2015-2595

Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unk…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2015-2586

Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.1 allows remote attackers to affect availability via unknown vectors.

CVSS: 4.3 CWE: N/A View on NVD
Low

CVE-2015-2585

Unspecified vulnerability in the Application Express component in Oracle Database Server before 5.0 allows remote authenticated users to affect availability via unknown vectors.

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2015-0468

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availabili…

CVSS: 6.0 CWE: N/A View on NVD
2015-04-16
Medium

CVE-2015-0483

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect integrity via unknown…

CVSS: 4.0 CWE: N/A View on NVD