Filtered by vendor Oracle
Subscriptions
Filtered by product Database Server
Subscriptions
Total
513 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-1020 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Network Foundation component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | ||||
| CVE-2006-5343 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in Database Scheduler component in Oracle Database 10.1.0.3 has unknown impact and remote authenticated attack vectors related to sys.dbms_scheduler, aka Vuln# DB19. | ||||
| CVE-2009-3413 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2008-3976 and CVE-2009-3414. | ||||
| CVE-2009-3414 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Oracle Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2008-3976 and CVE-2009-3413. | ||||
| CVE-2009-3415 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Oracle OLAP component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | ||||
| CVE-2009-1966 | 1 Oracle | 2 Database Server, Enterprise Manager | 2025-04-09 | N/A |
| Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2) Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1967. | ||||
| CVE-2009-1973 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Virtual Private Database component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote authenticated users to affect confidentiality and integrity, related to VPD policies. | ||||
| CVE-2009-1979 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Network Authentication component in Oracle Database 10.1.0.5 and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2009 CPU. Oracle has not commented on claims from an independent researcher that this is related to improper validation of the AUTH_SESSKEY parameter length that leads to arbitrary code execution. | ||||
| CVE-2009-1991 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Oracle Text component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to CTXSYS.DRVXTABC. NOTE: the previous information was obtained from the October 2009 CPU. Oracle has not commented on claims from an established researcher that this is for multiple SQL injection vulnerabilities via the (1) idx_owner or (2) idx_name parameters to the create_tables procedure. | ||||
| CVE-2009-1993 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Application Express component in Oracle Database 3.0.1 allows remote authenticated users to affect confidentiality and integrity, related to FLOWS_030000.WWV_EXECUTE_IMMEDIATE. | ||||
| CVE-2009-1994 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability, related to MDSYS.PRVT_CMT_CBK. | ||||
| CVE-2009-1970 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-0991. | ||||
| CVE-2007-1442 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function to create discretionary access control lists (DACLs), which allows local users to gain privileges. | ||||
| CVE-2009-3411 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Oracle Data Pump component in Oracle Database 11.1.0.7, 10.2.0.3, 10.2.0.4, 10.1.0.5, 9.2.0.8, and 9.2.0.8DV allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | ||||
| CVE-2009-3412 | 1 Oracle | 2 Application Server, Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Unzip component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5; and Oracle Application Server 10.1.2.3; allows local users to affect confidentiality via unknown vectors. | ||||
| CVE-2006-5332 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in xdb.dbms_xdbz in the XMLDB component for Oracle Database 9.2.0.6 and 10.1.0.4 has unknown impact and remote authenticated attack vectors, aka Vuln# DB01. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB01 is for PL/SQL injection in the ENABLE_HIERARCHY_INTERNAL procedure. | ||||
| CVE-2006-5334 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and remote authenticated attack vectors related to mdsys.md2, aka Vuln# DB03. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB03 is related to one or more of (1) a buffer overflow in the (a) RELATE function or (2) SQL injection in the (b) TESSELATE_FIXED and (c) TESSELATE function. | ||||
| CVE-2006-5336 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in the Change Data Capture (CDC) component in Oracle Database 9.2.0.7, 10.1.0.5, and have unknown impact and remote authenticated attack vectors related to (1) sys.dbms_cdc_ipublish (Vuln# DB05) and (2) sys.dbms_cdc_isubscribe (DB06). NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB05 is for SQL injection in CREATE_CHANGE_TABLE and CHANGE_TABLE_TRIGGER, and DB06 is for PL/SQL injection in the PREPARE_UNBOUNDED_VIEW procedure. | ||||
| CVE-2006-5338 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database 10.1.0.5 has unknown impact and remote authenticated attack vectors related to sys.dbms_sqltune, aka Vuln# DB10. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB10 is for SQL injection in DROP_SQLSET, DELETE_SQLSET, SELECT_SQLSET, and I_SET_TUNING_PARAMETER. NOTE: some of these vectors might be in DBMS_SQLTUNE_INTERNAL. | ||||
| CVE-2007-0277 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in Oracle Database client-only 10.1.0.4 has unknown impact and attack vectors related to the Export component and expdp or impdp, aka DB11. | ||||