Filtered by vendor Oracle
Subscriptions
Total
9762 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-21111 | 1 Oracle | 1 Vm Virtualbox | 2024-08-09 | 7.8 High |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). | ||||
CVE-2024-21112 | 1 Oracle | 1 Vm Virtualbox | 2024-08-09 | 8.8 High |
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). | ||||
CVE-2000-1236 | 1 Oracle | 1 Application Server | 2024-08-08 | N/A |
SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL. | ||||
CVE-2000-1180 | 1 Oracle | 1 Oracle8i | 2024-08-08 | N/A |
Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Control allows local users to gain privileges via a long command line argument. | ||||
CVE-2000-0987 | 1 Oracle | 2 Internet Directory, Oracle8i | 2024-08-08 | N/A |
Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain privileges via a long "connect" command line parameter. | ||||
CVE-2000-0981 | 1 Oracle | 1 Mysql | 2024-08-08 | N/A |
MySQL Database Engine uses a weak authentication method which leaks information that could be used by a remote attacker to recover the password. | ||||
CVE-2000-0986 | 1 Oracle | 1 Oracle8i | 2024-08-08 | N/A |
Buffer overflow in Oracle 8.1.5 applications such as names, namesctl, onrsd, osslogin, tnslsnr, tnsping, trcasst, and trcroute possibly allow local users to gain privileges via a long ORACLE_HOME environmental variable. | ||||
CVE-2000-0818 | 1 Oracle | 1 Listener | 2024-08-08 | N/A |
The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands. | ||||
CVE-2000-0576 | 1 Oracle | 1 Web Listener | 2024-08-08 | N/A |
Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0 allows remote attackers to cause a denial of service via a malformed URL. | ||||
CVE-2000-0169 | 1 Oracle | 1 Application Server | 2024-08-08 | N/A |
Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands via a malformed URL that includes '?&'. | ||||
CVE-2000-0206 | 1 Oracle | 1 Oracle8i | 2024-08-08 | N/A |
The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges. | ||||
CVE-2000-0148 | 1 Oracle | 1 Mysql | 2024-08-08 | N/A |
MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string. | ||||
CVE-2000-0045 | 1 Oracle | 1 Mysql | 2024-08-08 | N/A |
MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege. | ||||
CVE-2001-1453 | 1 Oracle | 1 Mysql | 2024-08-08 | N/A |
Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter. | ||||
CVE-2001-1454 | 1 Oracle | 1 Mysql | 2024-08-08 | N/A |
Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request. | ||||
CVE-2001-1321 | 1 Oracle | 1 Internet Directory | 2024-08-08 | N/A |
Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid encodings of BER OBJECT-IDENTIFIER values, as demonstrated by the PROTOS LDAPv3 test suite. | ||||
CVE-2001-1372 | 1 Oracle | 1 Application Server | 2024-08-08 | N/A |
Oracle 9i Application Server 1.0.2 allows remote attackers to obtain the physical path of a file under the server root via a request for a non-existent .JSP file, which leaks the pathname in an error message. | ||||
CVE-2001-1274 | 2 Oracle, Redhat | 2 Mysql, Linux | 2024-08-08 | N/A |
Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges. | ||||
CVE-2001-1371 | 1 Oracle | 1 Application Server | 2024-08-08 | N/A |
The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manager. | ||||
CVE-2001-1216 | 1 Oracle | 1 Application Server | 2024-08-08 | N/A |
Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote attackers to execute arbitrary code via a long request for a help page. |