CVE Daily
← All tags

Tag: Oracle Database

All CVEs associated with "Oracle Database". Page 3/6 • 656 CVEs.

Subscribe CVEs: RSS for “Oracle Database”  ·  RSS (High+Critical only)

About “Oracle Database”

A curated feed of “Oracle Database”-related CVEs appears below. We currently track 656 CVEs for this tag (all time). In the last 365 days, 21 were published. Average CVSS is 6.1 (all time; 6.0 over 365d), and 34% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-284 - Improper Access Control, CWE-400 - Uncontrolled Resource Consumption, CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor.

In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2015-04-16
Medium

CVE-2015-0479

Unspecified vulnerability in the XDK and XDB - XML Database component in Oracle Database Server 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect availability via unknown v…

CVSS: 4.0 CWE: N/A View on NVD
Critical

CVE-2015-0457

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrit…

CVSS: 9.0 CWE: N/A View on NVD
Medium

CVE-2015-0455

Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unkn…

CVSS: 6.8 CWE: N/A View on NVD
2015-01-21
Medium

CVE-2015-0373

Unspecified vulnerability in the OJVM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity,…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2015-0371

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect integrity and availability via u…

CVSS: 4.9 CWE: N/A View on NVD
Low

CVE-2015-0370

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect integrity via unknown vectors, a…

CVSS: 3.5 CWE: N/A View on NVD
Medium

CVE-2014-6578

Unspecified vulnerability in the Workspace Manager component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrit…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2014-6577

Unspecified vulnerability in the XML Developer's Kit for C component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality v…

CVSS: 6.8 CWE: N/A View on NVD
Critical

CVE-2014-6567

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integ…

CVSS: 9.0 CWE: N/A View on NVD
Medium

CVE-2014-6541

Unspecified vulnerability in the Recovery component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2, when running on Windows, allows remote authenticated users to affec…

CVSS: 6.3 CWE: N/A View on NVD
Medium

CVE-2014-6514

Unspecified vulnerability in the PL/SQL component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality via unknown vectors.

CVSS: 4.0 CWE: N/A View on NVD
2014-11-23
Medium

CVE-2014-6477

Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via un…

CVSS: 6.8 CWE: CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor View on NVD
2014-10-15
Medium

CVE-2014-6563

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unkno…

CVSS: 4.0 CWE: N/A View on NVD
Critical

CVE-2014-6560

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrit…

CVSS: 9.0 CWE: N/A View on NVD
Medium

CVE-2014-6547

Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via un…

CVSS: 4.0 CWE: N/A View on NVD
Critical

CVE-2014-6546

Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integ…

CVSS: 9.0 CWE: N/A View on NVD
Critical

CVE-2014-6545

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrit…

CVSS: 9.0 CWE: N/A View on NVD
Low

CVE-2014-6544

Unspecified vulnerability in the JDBC component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unkn…

CVSS: 3.6 CWE: N/A View on NVD
Medium

CVE-2014-6542

Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2014-6538

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unkno…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2014-6537

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrit…

CVSS: 6.5 CWE: N/A View on NVD
Low

CVE-2014-6488

Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Enterprise Manager Grid Control EM Base Platform: 10.2.0.5, 11.1.0.1 EM DB Control: 11.1.0.7, 11.2.0.3, 11.…

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2014-6483

Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.6 allows remote authenticated users to affect confidentiality, integrity, and availability via unkn…

CVSS: 6.0 CWE: N/A View on NVD
Critical

CVE-2014-6467

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrit…

CVSS: 9.0 CWE: N/A View on NVD
Critical

CVE-2014-6455

Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity,…

CVSS: 9.0 CWE: N/A View on NVD
Medium

CVE-2014-6454

Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown…

CVSS: 4.0 CWE: N/A View on NVD
Critical

CVE-2014-6453

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrit…

CVSS: 9.0 CWE: N/A View on NVD
Medium

CVE-2014-6452

Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2014-4310

Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via un…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2014-4300

Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2014-4299

Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2014-4298

Unspecified vulnerability in the SQLJ component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2014-4297

Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via un…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2014-4296

Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via un…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2014-4295

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unkno…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2014-4294

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unkno…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2014-4293

Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via un…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2014-4292

Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via un…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2014-4291

Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via un…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2014-4290

Unspecified vulnerability in the JPublisher component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via un…

CVSS: 4.0 CWE: N/A View on NVD
Low

CVE-2014-4289

Unspecified vulnerability in the JDBC component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity via unkn…

CVSS: 3.6 CWE: N/A View on NVD
Low

CVE-2014-2478

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote attackers to affect confidentiality via unknown vectors.

CVSS: 2.6 CWE: N/A View on NVD
2014-08-20
Medium

CVE-2014-2520

EMC Documentum Content Server before 6.7 SP2 P16 and 7.x before 7.1 P07, when Oracle Database is used, does not properly restrict DQL hints, which allows remote authenticated users to conduct DQL inj…

CVSS: 6.3 CWE: CWE-264 View on NVD
2014-07-17
Low

CVE-2014-4245

Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality via unknown vect…

CVSS: 3.5 CWE: N/A View on NVD
Medium

CVE-2014-4237

Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.2.0.4 and 12.1.0.1 allows remote authenticated users to affect confidentiality via unknown vectors.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2014-4236

Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 11.2.0.4 and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unkn…

CVSS: 6.5 CWE: N/A View on NVD
2014-04-16
Medium

CVE-2014-2408

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality and integrity vi…

CVSS: 6.6 CWE: N/A View on NVD
High

CVE-2014-2406

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and…

CVSS: 8.5 CWE: N/A View on NVD
2014-01-15
Medium

CVE-2013-5858

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect integrity via unknown vectors, a…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2013-5853

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect availability via unknown vectors.

CVSS: 5.0 CWE: N/A View on NVD
Low

CVE-2013-5764

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, and 12.1.0.1 allows remote authenticated users to affect availability via unknown vectors.

CVSS: 3.5 CWE: N/A View on NVD
Medium

CVE-2014-0378

Unspecified vulnerability in the Spatial component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows local users to affect confidentiality, integrity, and availability via u…

CVSS: 4.1 CWE: N/A View on NVD
Medium

CVE-2014-0377

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality via vectors rela…

CVSS: 4.0 CWE: N/A View on NVD
2013-10-16
Medium

CVE-2013-5771

Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality and availability via unkno…

CVSS: 6.4 CWE: N/A View on NVD
Medium

CVE-2013-3826

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality via unknown vectors.

CVSS: 5.0 CWE: N/A View on NVD
2013-07-17
Low

CVE-2013-3790

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown…

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2013-3789

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integ…

CVSS: 6.5 CWE: N/A View on NVD
High

CVE-2013-3774

Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality, in…

CVSS: 7.6 CWE: N/A View on NVD
High

CVE-2013-3771

Unspecified vulnerability in the Oracle executable component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows local users to affect confidentiality, integrity, an…

CVSS: 7.2 CWE: N/A View on NVD
High

CVE-2013-3760

Unspecified vulnerability in the Oracle executable component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows local users to affect confidentiality, integrity, an…

CVSS: 7.2 CWE: N/A View on NVD
Critical

CVE-2013-3751

Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availabili…

CVSS: 9.0 CWE: N/A View on NVD
2013-04-17
Medium

CVE-2013-1554

Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect availability via unknown vect…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2013-1538

Unspecified vulnerability in the Network Layer component in Oracle Database Server 11.2.0.2 and 11.2.0.3 allows remote attackers to affect availability via unknown vectors.

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2013-1534

Unspecified vulnerability in the Workload Manager component in Oracle Database Server 11.2.0.2 and 11.2.0.3, when used in RAC configurations, allows remote attackers to affect confidentiality, integr…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2013-1519

Unspecified vulnerability in the Application Express component in Oracle Database Server before 4.2.1 allows remote attackers to affect integrity via unknown vectors.

CVSS: 5.0 CWE: N/A View on NVD
2013-01-17
Critical

CVE-2013-0366

Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality,…

CVSS: 10.0 CWE: N/A View on NVD
High

CVE-2013-0364

Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2013-0363

Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2013-0362

Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality…

CVSS: 7.8 CWE: N/A View on NVD
Critical

CVE-2013-0361

Unspecified vulnerability in the Mobile Server component in Oracle Database Mobile/Lite Server (formerly Oracle Database Lite) 10.3.0.3 and 11.1.0.0 allows remote attackers to affect confidentiality,…

CVSS: 10.0 CWE: N/A View on NVD
Critical

CVE-2012-3220

Unspecified vulnerability in the Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users with Create Session privi…

CVSS: 9.0 CWE: N/A View on NVD
2012-10-16
Low

CVE-2012-3151

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, when running on Unix and Linux platforms, allows local users to a…

CVSS: 3.3 CWE: N/A View on NVD
Low

CVE-2012-3146

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity vi…

CVSS: 2.1 CWE: N/A View on NVD
Medium

CVE-2012-1751

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availabili…

CVSS: 6.5 CWE: N/A View on NVD
2012-09-21
Medium

CVE-2012-3137

The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, wh…

CVSS: 6.4 CWE: CWE-287 - Improper Authentication View on NVD
2012-08-10
Medium

CVE-2012-3132

SQL injection vulnerability in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to execute arbitrary SQL commands via vectors in…

CVSS: 6.5 CWE: CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') View on NVD
2012-07-17
Medium

CVE-2012-3134

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect availability via unknown vectors.

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-1747

Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, when running on Windows, allows remote attackers to…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2012-1746

Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, when running on Windows, allows remote attackers to…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2012-1745

Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect availability via un…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2012-1737

Unspecified vulnerability in the Enterprise Manager for Oracle Database component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Enterprise Manager Grid Control EM Base Platform 10.2…

CVSS: 6.8 CWE: N/A View on NVD
2012-05-08
High

CVE-2012-1675

The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite,…

CVSS: 7.5 CWE: CWE-264 View on NVD
2012-05-03
Medium

CVE-2012-1708

Unspecified vulnerability in the Application Express component in Oracle Database Server 4.0 and 4.1 allows remote attackers to affect integrity via unknown vectors.

CVSS: 4.3 CWE: N/A View on NVD
Critical

CVE-2012-0552

Unspecified vulnerability in the Oracle Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confiden…

CVSS: 9.0 CWE: N/A View on NVD
Medium

CVE-2012-0534

Unspecified vulnerability in the RDBMS Core component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity vi…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2012-0528

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, and 11.1.0.7, and Oracle Enterprise Manager Grid Control, allows re…

CVSS: 5.8 CWE: N/A View on NVD
Medium

CVE-2012-0527

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Oracle Enterprise Manager Gri…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2012-0526

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Oracle Enterprise Manager Gri…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2012-0525

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Oracle Enterprise Manager Grid Control 10.2.0.5 and 11.1.0.…

CVSS: 4.9 CWE: N/A View on NVD
Medium

CVE-2012-0520

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2, and in Oracle Enterprise Manager Grid Contr…

CVSS: 4.3 CWE: N/A View on NVD
High

CVE-2012-0519

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.2, when running on Windows, allows remote authenticated users to affect confidentiality, integrity, and availabi…

CVSS: 7.1 CWE: N/A View on NVD
Medium

CVE-2012-0512

Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 11.1.0.7 and 11.2.0.2 and Oracle Enterprise Manager Grid Control allows remote authenticated user…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2012-0511

Unspecified vulnerability in the OCI component in Oracle Database Server 10.2.0.3, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect confidentiality and integrity via unknown vectors.

CVSS: 6.4 CWE: N/A View on NVD
Medium

CVE-2012-0510

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, and 11.1.0.7 allows remote attackers to affect integrity and availability via unknown vec…

CVSS: 6.4 CWE: N/A View on NVD
2012-01-18
Medium

CVE-2012-0082

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect in…

CVSS: 5.5 CWE: N/A View on NVD
Medium

CVE-2012-0072

Unspecified vulnerability in the Listener component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote attackers to affect availability via unknown…

CVSS: 5.0 CWE: N/A View on NVD
2011-10-18
Medium

CVE-2011-3525

Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2 and 4.0 allows remote authenticated users to affect confidentiality, integrity, and availability, related…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2011-3512

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect confidential…

CVSS: 6.5 CWE: N/A View on NVD
Low

CVE-2011-3511

Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect integrity and avai…

CVSS: 3.6 CWE: N/A View on NVD
Low

CVE-2011-2322

Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.1.0.7 allows remote authenticated users to affect integrity and availability, related to SYSDBA.

CVSS: 3.6 CWE: N/A View on NVD
High

CVE-2011-2301

Unspecified vulnerability in the Oracle Text component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and…

CVSS: 8.5 CWE: N/A View on NVD
2011-09-21
Critical

CVE-2011-3290

Cisco Identity Services Engine (ISE) before 1.0.4.MR2 has default Oracle database credentials, which allows remote attackers to modify settings or perform unspecified other administrative actions via…

CVSS: 10.0 CWE: CWE-255 View on NVD
2011-07-20
Medium

CVE-2011-2257

Unspecified vulnerability in the Database Target Type Menus component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager…

CVSS: 6.8 CWE: N/A View on NVD
High

CVE-2011-2253

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidential…

CVSS: 7.1 CWE: N/A View on NVD
Medium

CVE-2011-2248

Unspecified vulnerability in the SQL Performance Advisories/UIs component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, an…

CVSS: 6.8 CWE: N/A View on NVD
Medium

CVE-2011-2244

Unspecified vulnerability in the Security Framework component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Enterprise Manager Grid Control 1…

CVSS: 6.4 CWE: N/A View on NVD
Low

CVE-2011-2243

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7.3, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect integrity, related to SYSDBA.

CVSS: 3.5 CWE: N/A View on NVD
Low

CVE-2011-2242

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.1 and 11.2.0.2 allows local users to affect confidentiality, related to XML DB FTP.

CVSS: 1.3 CWE: N/A View on NVD
Low

CVE-2011-2240

Unspecified vulnerability in the Oracle Universal Installer component in Oracle Database Server 10.1.0.5 allows local users to affect confidentiality via unknown vectors.

CVSS: 1.7 CWE: N/A View on NVD
High

CVE-2011-2239

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidential…

CVSS: 7.1 CWE: N/A View on NVD
Medium

CVE-2011-2238

Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect integrity, related…

CVSS: 4.0 CWE: N/A View on NVD
Medium

CVE-2011-2232

Unspecified vulnerability in the XML Developer Kit component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 11.1.0.7, and 11.2.0.1, and Oracle Fusion Middleware 10.1.3.5, allows remote authe…

CVSS: 6.0 CWE: N/A View on NVD
Medium

CVE-2011-2231

Unspecified vulnerability in the XML Developer Kit component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1, Oracle Fusion Middleware 10.1.3.5, allows remote…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2011-2230

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote attackers to affect availability via unkno…

CVSS: 5.0 CWE: N/A View on NVD
Medium

CVE-2011-0882

Unspecified vulnerability in the Content Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, and 11.1.0.7; and Oracle Enterprise Manager Grid Control 10.1.0.6, 10.2.0.5, and…

CVSS: 6.8 CWE: N/A View on NVD
Medium

CVE-2011-0881

Unspecified vulnerability in the EMCTL component in Oracle Database Server 10.2.0.3, 10.2.0.4, and 11.1.0.7, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect int…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2011-0880

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availabili…

CVSS: 6.5 CWE: N/A View on NVD
Medium

CVE-2011-0879

Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager Grid C…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2011-0877

Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, and 10.2.0.4, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers…

CVSS: 4.3 CWE: N/A View on NVD
Medium

CVE-2011-0876

Unspecified vulnerability in the Enterprise Manager Console component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2; and Oracle Enterprise Manager…

CVSS: 4.3 CWE: N/A View on NVD