Filtered by vendor Oracle
Subscriptions
Total
9762 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2001-0975 | 1 Oracle | 1 Internet Directory | 2024-08-08 | N/A |
Buffer overflow vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | ||||
CVE-2001-0941 | 1 Oracle | 1 Database Server | 2024-08-08 | N/A |
Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable. | ||||
CVE-2001-0832 | 1 Oracle | 1 Database Server | 2024-08-08 | N/A |
Vulnerability in Oracle 8.0.x through 9.0.1 on Unix allows local users to overwrite arbitrary files, possibly via a symlink attack or incorrect file permissions in (1) the ORACLE_HOME/rdbms/log directory or (2) an alternate directory as specified in the ORACLE_HOME environmental variable, aka the "Oracle File Overwrite Security Vulnerability." | ||||
CVE-2001-0974 | 1 Oracle | 1 Internet Directory | 2024-08-08 | N/A |
Format string vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | ||||
CVE-2001-0831 | 1 Oracle | 1 Database Server | 2024-08-08 | N/A |
Unknown vulnerability in Oracle Label Security in Oracle 8.1.7 and 9.0.1, when audit functionality, SET_LABEL, or SQL*Predicate is being used, allows local users to gain additional access. | ||||
CVE-2001-0942 | 1 Oracle | 1 Database Server | 2024-08-08 | N/A |
dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment variable to find and execute the dbsnmp program, which allows local users to execute arbitrary programs by pointing the ORACLE_HOME to an alternate directory that contains a malicious version of dbsnmp. | ||||
CVE-2001-0836 | 1 Oracle | 1 Application Server Web Cache | 2024-08-08 | N/A |
Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request. | ||||
CVE-2001-0833 | 1 Oracle | 1 Database Server | 2024-08-08 | N/A |
Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability." | ||||
CVE-2001-0591 | 1 Oracle | 2 Application Server, Jsp | 2024-08-08 | N/A |
Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' (dot dot) attack. | ||||
CVE-2001-0516 | 1 Oracle | 2 Oracle8i, Oracle9i | 2024-08-08 | N/A |
Oracle listener between Oracle 9i and Oracle 8.0 allows remote attackers to cause a denial of service via a malformed connection packet that contains an incorrect requester_version value that does not match an expected offset to the data. | ||||
CVE-2001-0528 | 1 Oracle | 1 E-business Suite | 2024-08-08 | N/A |
Oracle E-Business Suite Release 11i Applications Desktop Integrator (ADI) version 7.x includes a debug version of FNDPUB11I.DLL, which logs the APPS schema password in cleartext in a debug file, which allows local users to obtain the password and gain privileges. | ||||
CVE-2001-0518 | 1 Oracle | 1 Oracle9i | 2024-08-08 | N/A |
Oracle listener before Oracle 9i allows attackers to cause a denial of service by repeatedly sending the first portion of a fragmented Oracle command without sending the remainder of the command, which causes the listener to hang. | ||||
CVE-2001-0515 | 1 Oracle | 2 Database Server, Oracle8i | 2024-08-08 | N/A |
Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause a denial of service via a malformed connection packet with a large offset_to_data value. | ||||
CVE-2001-0513 | 1 Oracle | 1 Oracle9i | 2024-08-08 | N/A |
Oracle listener process on Windows NT redirects connection requests to another port and creates a separate thread to process the request, which allows remote attackers to cause a denial of service by repeatedly connecting to the Oracle listener but not connecting to the redirected port. | ||||
CVE-2001-0498 | 1 Oracle | 1 Oracle8i | 2024-08-08 | N/A |
Transparent Network Substrate (TNS) over Net8 (SQLNet) in Oracle 8i 8.1.7 and earlier allows remote attackers to cause a denial of service via a malformed SQLNet connection request with a large offset in the header extension. | ||||
CVE-2001-0517 | 1 Oracle | 1 Oracle8i | 2024-08-08 | N/A |
Oracle listener in Oracle 8i on Solaris allows remote attackers to cause a denial of service via a malformed connection packet with a maximum transport data size that is set to 0. | ||||
CVE-2001-0499 | 1 Oracle | 1 Oracle8i | 2024-08-08 | N/A |
Buffer overflow in Transparent Network Substrate (TNS) Listener in Oracle 8i 8.1.7 and earlier allows remote attackers to gain privileges via a long argument to the commands (1) STATUS, (2) PING, (3) SERVICES, (4) TRC_FILE, (5) SAVE_CONFIG, or (6) RELOAD. | ||||
CVE-2001-0419 | 1 Oracle | 1 Application Server | 2024-08-08 | N/A |
Buffer overflow in shared library ndwfn4.so for iPlanet Web Server (iWS) 4.1, when used as a web listener for Oracle application server 4.0.8.2, allows remote attackers to execute arbitrary commands via a long HTTP request that is passed to the application server, such as /jsp/. | ||||
CVE-2001-0407 | 1 Oracle | 1 Mysql | 2024-08-08 | N/A |
Directory traversal vulnerability in MySQL before 3.23.36 allows local users to modify arbitrary files and gain privileges by creating a database whose name starts with .. (dot dot). | ||||
CVE-2001-0300 | 1 Oracle | 1 Internet Directory | 2024-08-08 | N/A |
oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack. |