Total
517 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1675 | 1 Oracle | 1 Database Server | 2025-04-11 | 7.5 HIGH | N/A |
| The TNS Listener, as used in Oracle Database 11g 11.1.0.7, 11.2.0.2, and 11.2.0.3, and 10g 10.2.0.3, 10.2.0.4, and 10.2.0.5, as used in Oracle Fusion Middleware, Enterprise Manager, E-Business Suite, and possibly other products, allows remote attackers to execute arbitrary database commands by performing a remote registration of a database (1) instance or (2) service name that already exists, then conducting a man-in-the-middle (MITM) attack to hijack database connections, aka "TNS Poison." | |||||
| CVE-2012-0528 | 1 Oracle | 2 Database Server, Enterprise Manager Grid Control | 2025-04-11 | 5.8 MEDIUM | N/A |
| Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, and 11.1.0.7, and Oracle Enterprise Manager Grid Control, allows remote attackers to affect confidentiality and integrity via unknown vectors related to Security Framework. | |||||
| CVE-2011-0799 | 1 Oracle | 2 Database Server, Warehouse Builder | 2025-04-11 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Warehouse Builder component in Oracle Database Server 10.2.0.5 (OWB), 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Oracle Warehouse Builder User Account. | |||||
| CVE-2012-1708 | 1 Oracle | 1 Database Server | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Application Express component in Oracle Database Server 4.0 and 4.1 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2010-0854 | 1 Oracle | 1 Database Server | 2025-04-11 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Audit component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect integrity, related to "SELECT, INSERT or DELETE on tables subject to auditing." | |||||
| CVE-2011-0804 | 1 Oracle | 1 Database Server | 2025-04-11 | 3.6 LOW | N/A |
| Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2011-0877 | 1 Oracle | 2 Database Server, Enterprise Manager Grid Control | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, and 10.2.0.4, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2012-3134 | 1 Oracle | 1 Database Server | 2025-04-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect availability via unknown vectors. | |||||
| CVE-2011-3512 | 1 Oracle | 1 Database Server | 2025-04-11 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5, 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2011-0838 | 1 Oracle | 1 Database Server | 2025-04-11 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to create procedure privileges. | |||||
| CVE-2013-3789 | 1 Oracle | 1 Database Server | 2025-04-11 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2014-0378 | 1 Oracle | 1 Database Server | 2025-04-11 | 4.1 MEDIUM | N/A |
| Unspecified vulnerability in the Spatial component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2011-3511 | 1 Oracle | 1 Database Server | 2025-04-11 | 3.6 LOW | N/A |
| Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect integrity and availability via unknown vectors related to Privileged Account. | |||||
| CVE-2011-0832 | 1 Oracle | 1 Database Server | 2025-04-11 | 6.0 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-0835 and CVE-2011-0880. | |||||
| CVE-2010-2390 | 1 Oracle | 3 Database Server, Enterprise Manager Grid Control, Fusion Middleware | 2025-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Database Control component in EM Console in Oracle Database Server 10.1.0.5 and 10.2.0.3, Oracle Fusion Middleware 10.1.2.3 and 10.1.4.3, and Enterprise Manager Grid Control allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2010-3600 | 1 Oracle | 2 Database Server, Enterprise Manager Grid Control | 2025-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Client System Analyzer component in Oracle Database Server 11.1.0.7 and 11.2.0.1 and Enterprise Manager Grid Control 10.2.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that this issue involves an exposed JSP script that accepts XML uploads in conjunction with NULL bytes in an unspecified parameter that allow execution of arbitrary code. | |||||
| CVE-2012-0525 | 1 Oracle | 2 Database Server, Enterprise Manager Grid Control | 2025-04-11 | 4.9 MEDIUM | N/A |
| Unspecified vulnerability in the Enterprise Manager Base Platform component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3, and Oracle Enterprise Manager Grid Control 10.2.0.5 and 11.1.0.1, allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Enterprise Config Management. | |||||
| CVE-2010-0852 | 1 Oracle | 1 Database Server | 2025-04-11 | 5.5 MEDIUM | N/A |
| Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2012-0510 | 1 Oracle | 1 Database Server | 2025-04-11 | 6.4 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, and 11.1.0.7 allows remote attackers to affect integrity and availability via unknown vectors. | |||||
| CVE-2012-1751 | 1 Oracle | 1 Database Server | 2025-04-11 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to flashback archive. | |||||