Filtered by vendor Oracle
Subscriptions
Total
9762 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2006-1871 | 1 Oracle | 1 Database Server | 2024-08-07 | N/A |
SQL injection vulnerability in Oracle Database Server 9.2.0.7 and 10.1.0.5 allows remote attackers to execute arbitrary SQL commands via the DELETE_FROM_TABLE function in the DBMS_LOGMNR_SESSION (Log Miner) package, aka Vuln# DB06. | ||||
CVE-2006-1866 | 1 Oracle | 1 Database Server | 2024-08-07 | N/A |
Multiple unspecified vulnerabilities in Oracle Database Server 8.1.7.4, 9.0.1.5, 9.2.0.7, 10.1.0.5, and other versions have unknown impact and attack vectors in the (1) Advanced Replication component, as identified by Vuln# DB01, and (2) Oracle Spatial component, as identified by Vuln# DB10. NOTE: details are unavailable from Oracle, but as of 20060421, they have not publicly disputed a claim by a reliable independent researcher that states that DB01 is an unknown issue in the DBMS_REPUTIL package, and DB10 is SQL injection in the INSERT_CATALOG, UPDATE_CATALOG, and DELETE_CATALOG functions of the SDO_CATALOG package. | ||||
CVE-2006-1881 | 1 Oracle | 1 E-business Suite | 2024-08-07 | N/A |
Unspecified vulnerability in the Financials for Asia/Pacific component in Oracle E-Business Suite and Applications 11.5.9 has unknown impact and attack vectors. component, aka Vuln# APPS02. | ||||
CVE-2006-1868 | 1 Oracle | 1 Database Server | 2024-08-07 | N/A |
Buffer overflow in the Advanced Replication component in Oracle Database Server 10.1.0.4 allows database users to execute arbitrary code via the VERIFY_LOG procedure of the DBMS_SNAPSHOT_UTL package, aka Vuln# DB03. | ||||
CVE-2006-1884 | 3 Jdedwards, Oneworld, Oracle | 12 Enterpriseone Tools, Oneworld Tools, Application Server and 9 more | 2024-08-07 | N/A |
Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01. | ||||
CVE-2006-1875 | 1 Oracle | 1 Database Server | 2024-08-07 | N/A |
Unspecified vulnerability in Oracle Database Server 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and attack vectors in the Oracle Spatial component, aka Vuln# DB11. NOTE: Oracle has not disputed reliable researcher claims that this issue is SQL injection in MDSYS.SDO_LRS_TRIG_INS. | ||||
CVE-2006-1872 | 1 Oracle | 1 Database Server | 2024-08-07 | N/A |
Unspecified vulnerability in Oracle Database Server 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors in the Oracle Enterprise Manager Intelligent Agent component, aka Vuln# DB07. | ||||
CVE-2006-1869 | 1 Oracle | 1 Database Server | 2024-08-07 | N/A |
Unspecified vulnerability in Oracle Database Server 8.1.7.4 and 9.0.1.5 has unknown impact and attack vectors in the Dictionary component, aka Vuln# DB04. | ||||
CVE-2006-1705 | 1 Oracle | 2 Oracle10g, Oracle9i | 2024-08-07 | N/A |
Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view. | ||||
CVE-2006-0369 | 1 Oracle | 1 Mysql | 2024-08-07 | N/A |
MySQL 5.0.18 allows local users with access to a VIEW to obtain sensitive information via the "SELECT * FROM information_schema.views;" query, which returns the query that created the VIEW. NOTE: this issue has been disputed by third parties, saying that the availability of the schema is a normal and sometimes desired aspect of database access | ||||
CVE-2006-1517 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-07 | N/A |
sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to obtain sensitive information via a COM_TABLE_DUMP request with an incorrect packet length, which includes portions of memory in an error message. | ||||
CVE-2006-1516 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Enterprise Linux | 2024-08-07 | N/A |
The check_connection function in sql_parse.cc in MySQL 4.0.x up to 4.0.26, 4.1.x up to 4.1.18, and 5.0.x up to 5.0.20 allows remote attackers to read portions of memory via a username without a trailing null byte, which causes a buffer over-read. | ||||
CVE-2006-1518 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-08-07 | N/A |
Buffer overflow in the open_table function in sql_base.cc in MySQL 5.0.x up to 5.0.20 might allow remote attackers to execute arbitrary code via crafted COM_TABLE_DUMP packets with invalid length values. | ||||
CVE-2006-1358 | 1 Oracle | 1 Weblogic Portal | 2024-08-07 | N/A |
Unspecified vulnerability in BEA WebLogic Portal 8.1 up to SP5 causes a JSR-168 Portlet to be retrieved from the cache for the wrong session, which might allow one user to see a Portlet of another user. | ||||
CVE-2006-1037 | 1 Oracle | 2 Diagnostics, E-business Suite | 2024-08-07 | N/A |
SQL injection vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. | ||||
CVE-2006-1035 | 1 Oracle | 2 Diagnostics, E-business Suite | 2024-08-07 | N/A |
Unspecified vulnerability in the Oracle Diagnostics module 2.2 and earlier allows remote attackers to access diagnostics tests via unknown attack vectors. | ||||
CVE-2006-1036 | 1 Oracle | 1 Diagnostics | 2024-08-07 | N/A |
Multiple unspecified vulnerabilities in the Oracle Diagnostics module 2.2 and earlier have unknown impact and attack vectors, related to "permissions." | ||||
CVE-2006-0903 | 3 Mysql, Oracle, Redhat | 4 Mysql, Mysql, Enterprise Linux and 1 more | 2024-08-07 | N/A |
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms via SQL queries that contain the NULL character, which are not properly handled by the mysql_real_query function. NOTE: this issue was originally reported for the mysql_query function, but the vendor states that since mysql_query expects a null character, this is not an issue for mysql_query. | ||||
CVE-2006-0552 | 1 Oracle | 12 10g Enterprise Manager Grid Control, Application Server, Collaboration Suite and 9 more | 2024-08-07 | N/A |
Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11. | ||||
CVE-2006-0550 | 1 Oracle | 1 Oracle Client | 2024-08-07 | N/A |
Buffer overflow in an unspecified Oracle Client utility might allow remote attackers to execute arbitrary code or cause a denial of service. NOTE: due to the lack of relevant details from the Oracle advisory, a separate CVE is being created since it cannot be conclusively proven that this issue has been addressed by Oracle. It is possible that this is the same issue as Oracle Vuln# DBC02 from the January 2006 CPU, in which case this would be a duplicate of CVE-2006-0283. However, there are enough inconsistencies that the mapping can not be made authoritatively. |