Filtered by vendor Oracle
Subscriptions
Total
9762 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2006-0268 | 1 Oracle | 1 Database Server | 2024-08-07 | N/A |
| Unspecified vulnerability in the Security component of Oracle Database server 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB21. | ||||
| CVE-2006-0278 | 1 Oracle | 1 E-business Suite | 2024-08-07 | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) APPS02 in the (a) CRM Technical Foundation component; (2) APPS03 in the (b) iProcurement component; and (3) APPS04, (4) APPS05, and (5) APPS06 in the Oracle Application Object Library component. | ||||
| CVE-2006-0276 | 1 Oracle | 1 Collaboration Suite | 2024-08-07 | N/A |
| Multiple unspecified vulnerabilities in Oracle Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i) have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) OCS01, 2) OCS02, 3) OCS03, 4) OCS04, 5) OCS05, 6) OCS06, 7) OCS07, (8) OCS08, and (9) OCS09 in the (a) Email Server component; 10) OCS10 (and (11) OCS11 in the (b) Oracle Collaboration Suite Wireless & Voice (component; 12) OCS12 and (13) OCS13 in the (c) Oracle Content (Management SDK component; 14) OCS14 and (15) OCS15 in the (d) Oracle (Content Services component. | ||||
| CVE-2006-0263 | 1 Oracle | 1 Database Server | 2024-08-07 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, 10.1.0.5, and 10.2.0.1 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB09 in the (a) Net Listener component; and (2) DB12 and (3) DB13 in the Network Communications (RPC) component. | ||||
| CVE-2006-0272 | 1 Oracle | 2 Oracle10g, Oracle9i | 2024-08-07 | N/A |
| Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB29. NOTE: based on mutual credits by the relevant sources, it is highly likely that this issue is a buffer overflow in the (a) DBMS_XMLSCHEMA and (b) DBMS_XMLSCHEMA_INT packages, as exploitable via long arguments to (1) XDB.DBMS_XMLSCHEMA.GENERATESCHEMA or (2) XDB.DBMS_XMLSCHEMA.GENERATESCHEMAS. | ||||
| CVE-2006-0267 | 1 Oracle | 1 Database Server | 2024-08-07 | N/A |
| Unspecified vulnerability in the Query Optimizer component of Oracle Database server 9.2.0.6 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB20. | ||||
| CVE-2006-0259 | 1 Oracle | 1 Database Server | 2024-08-07 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database server 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB04 and (2) DB06 in the (a) Data Pump component; (3) DB10 in the (b) Net Listener component; and (4) DB16 in the (c) Oracle Text component. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that DB06 is SQL injection in the GENERATE_JOB_NAME, GET_WORKERSTATUSLIST1010, GET_PARAMVALUES1010, GET_DUMPFILESET1010, GET_JOBSTATUS1010, ATTACH, and ESTABLISH_REMOTE_CONTEXT functions in DBMS_DATAPUMP. | ||||
| CVE-2006-0256 | 1 Oracle | 1 Database Server | 2024-08-07 | N/A |
| Unspecified vulnerability in the Advanced Queuing component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.6, 10.1.0.3 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB01. | ||||
| CVE-2006-0262 | 1 Oracle | 4 Database Server, Oracle10g, Oracle8i and 1 more | 2024-08-07 | N/A |
| Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB08. | ||||
| CVE-2006-0261 | 1 Oracle | 1 Database Server | 2024-08-07 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) DB07 in the Dictionary component and (2) DB14 in the Oracle Label Security component. NOTE: Oracle has not disputed reliable researcher claims that DB07 involves plaintext storage of the TDE wallet password in a trace file by event 10053. | ||||
| CVE-2006-0258 | 1 Oracle | 1 Database Server | 2024-08-07 | N/A |
| Unspecified vulnerability in the Connection Manager component of Oracle Database server 8.1.7.4 and 9.0.1.5 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB03. | ||||
| CVE-2007-6303 | 3 Mysql, Oracle, Redhat | 3 Mysql, Mysql, Rhel Application Stack | 2024-08-07 | N/A |
| MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement. | ||||
| CVE-2007-6304 | 2 Mysql, Oracle | 2 Mysql, Mysql | 2024-08-07 | N/A |
| The federated engine in MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4, when performing a certain SHOW TABLE STATUS query, allows remote MySQL servers to cause a denial of service (federated handler crash and daemon crash) via a response that lacks the minimum required number of columns. | ||||
| CVE-2007-6283 | 4 Centos, Fedoraproject, Oracle and 1 more | 9 Centos, Fedora Core, Linux and 6 more | 2024-08-07 | N/A |
| Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file with world-readable permissions, which allows local users to perform unauthorized named commands, such as causing a denial of service by stopping named. | ||||
| CVE-2007-6260 | 1 Oracle | 1 Database Server | 2024-08-07 | N/A |
| The installation process for Oracle 10g and llg uses accounts with default passwords, which allows remote attackers to obtain login access by connecting to the Listener. NOTE: at the end of the installation, if performed using the Database Configuration Assistant (DBCA), most accounts are disabled or their passwords are changed. | ||||
| CVE-2007-5970 | 1 Oracle | 1 Mysql | 2024-08-07 | N/A |
| MySQL 5.1.x before 5.1.23 and 6.0.x before 6.0.4 allows remote authenticated users to gain privileges on arbitrary tables via unspecified vectors involving use of table-level DATA DIRECTORY and INDEX DIRECTORY options when creating a partitioned table with the same name as a table on which the user lacks privileges. | ||||
| CVE-2007-5897 | 1 Oracle | 1 Database Server | 2024-08-07 | N/A |
| Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be covered by CVE-2007-5515, CVE-2007-5509, or CVE-2007-5505, but there are insufficient details to be sure. | ||||
| CVE-2007-5766 | 1 Oracle | 1 E-business Suite | 2024-08-07 | N/A |
| SQL injection vulnerability in okxLOV.jsp in Oracle E-Business Suite 11 and 12 allows remote attackers to execute arbitrary SQL commands via unknown vectors. NOTE: this is probably the same issue as CVE-2007-5527 or CVE-2007-5528, but there are insufficient details to be sure. | ||||
| CVE-2007-5576 | 2 Bea, Oracle | 5 Tuxedo, Weblogic Integration, Weblogic Server and 2 more | 2024-08-07 | N/A |
| BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the password in cleartext, which allows physically proximate attackers to obtain sensitive information via the (1) cnsbind, (2) cnsunbind, or (3) cnsls commands. | ||||
| CVE-2007-5531 | 1 Oracle | 3 Application Server, Database Server, Enterprise Manager | 2024-08-07 | N/A |
| Unspecified vulnerability in Oracle Help for Web, as used in Oracle Application Server, Oracle Database 10.2.0.3, and Enterprise Manager 10.1.0.6, has unknown impact and remote attack vectors, aka EM02. | ||||