Filtered by vendor Oracle
Subscribe
Total
10321 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0263 | 1 Oracle | 1 Database Server | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, 10.1.0.5, and 10.2.0.1 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB09 in the (a) Net Listener component; and (2) DB12 and (3) DB13 in the Network Communications (RPC) component. | |||||
| CVE-2006-0285 | 1 Oracle | 2 Application Server, Database Server | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the Java Net component of Oracle Database Server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10.1.0.4, and Application Server 1.0.2.2, 9.0.4.2, and 10.1.2.0.2, has unspecified impact and attack vectors, as identified by Oracle Vuln# JN01. | |||||
| CVE-2005-1381 | 1 Oracle | 1 Application Server Web Cache | 2025-04-03 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache 9i allow remote attackers to inject arbitrary web script or HTML via the (1) cache_dump_file or (2) PartialPageErrorPage parameter. | |||||
| CVE-2006-3709 | 1 Oracle | 1 Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in OC4J for Oracle Application Server 9.0.2.3, 9.0.3.1, and 10.1.2.0.0 has unknown impact and attack vectors, aka Oracle Vuln# AS04. | |||||
| CVE-2006-4226 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-03 | 3.6 LOW | N/A |
| MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions. | |||||
| CVE-2006-4031 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2025-04-03 | 2.1 LOW | N/A |
| MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access a table through a previously created MERGE table, even after the user's privileges are revoked for the original table, which might violate intended security policy. | |||||
| CVE-2003-0634 | 1 Oracle | 2 Oracle8i, Oracle9i | 2025-04-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name. | |||||
| CVE-2006-1869 | 1 Oracle | 1 Database Server | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Database Server 8.1.7.4 and 9.0.1.5 has unknown impact and attack vectors in the Dictionary component, aka Vuln# DB04. | |||||
| CVE-2006-1887 | 1 Oracle | 1 Enterpriseone | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle JD Edwards EnterpriseOne Security Server 8.95.J1 has unknown impact and attack vectors, aka Vuln# JDE01. | |||||
| CVE-2005-3457 | 1 Oracle | 1 E-business Suite | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle E-Business Suite and Applications 11.0 up to 11.5.10 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS08 in HRMS. | |||||
| CVE-2005-1383 | 1 Oracle | 1 Application Server | 2025-04-03 | 7.5 HIGH | N/A |
| The OHS component 1.0.2 through 10.x, when UseWebcacheIP is disabled, in Oracle Application Server allows remote attackers to bypass HTTP Server mod_access restrictions via a request to the webcache TCP port 7778. | |||||
| CVE-2001-1217 | 1 Oracle | 1 Application Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server allows remote attackers to access sensitive information via a double encoded URL with .. (dot dot) sequences. | |||||
| CVE-2004-1339 | 1 Oracle | 2 Database Server, Oracle9i | 2025-04-03 | 6.5 MEDIUM | N/A |
| SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracle 9i and 10g allows remote attackers to execute arbitrary SQL commands via the new.table_name or new.column_name parameters. | |||||
| CVE-2005-3454 | 1 Oracle | 1 Collaboration Suite | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Oracle Collaboration Suite 10g Release 1 version 10.1.1 and 9i Release 2 9.0.4.2 have unknown impact and attack vectors, as identified by Oracle Vuln# (1) OCS01, (2) OCS02, (3) OCS03, and (4) OCS04 for Calendar; (5) OCS05, (6) OCS06, (7) OCS07, (8) OCS08, (9) OCS09, and (10) OCS10 for Email Server; and (11) OCS11, (12) OCS12, and (13) OCS13 for Oracle Files. | |||||
| CVE-2002-1844 | 2 Microsoft, Oracle | 2 Windows Media Player, Solaris | 2025-04-03 | 7.2 HIGH | 7.8 HIGH |
| Microsoft Windows Media Player (WMP) 6.3, when installed on Solaris, installs executables with world-writable permissions, which allows local users to delete or modify the executables to gain privileges. | |||||
| CVE-2005-4550 | 1 Oracle | 1 Application Server Discussion Forum Portlet | 2025-04-03 | 5.0 MEDIUM | N/A |
| The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00). | |||||
| CVE-2006-0290 | 1 Oracle | 4 Application Server, Collaboration Suite, Database Server and 1 more | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle Database Server 9.2.0.7, Application Server 9.0.4.2 and 10.1.2.1, Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i), and E-Business Suite and Applications 11.5.10 has unspecified impact and attack vectors, as identified by Oracle Vuln# WF01 in the Oracle Workflow Cartridge component. | |||||
| CVE-2005-3459 | 1 Oracle | 2 Clinical, E-business Suite | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in Oracle E-Business Suite and Applications 4.5 up to 4.5.1 has unknown impact and attack vectors, as identified by Oracle Vuln# APPS22 in Oracle Clinical. | |||||
| CVE-2003-0633 | 1 Oracle | 2 Applications, E-business Suite | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8 allow a remote attacker to obtain sensitive information without authentication, such as the GUEST user password and the application server security key. | |||||
| CVE-2006-3723 | 1 Oracle | 1 Peoplesoft Enterprise | 2025-04-03 | 10.0 HIGH | N/A |
| Unspecified vulnerability in PeopleSoft Enterprise Portal for Oracle PeopleSoft Enterprise Portal 8.8 with Enforcer Portal Pack Bundle #10 and 8.9 Bundle #3 has unknown impact and attack vectors, aka Oracle Vuln# PSE02. | |||||