Oracle

Database Server

515 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2005-3438

Exploit
  • EPSS 7.74%
  • Published 02.11.2005 11:02:00
  • Last modified 03.04.2025 01:03:51

Multiple unspecified vulnerabilities in Oracle Database Server 9i up to 10.1.0.4.2 have unknown impact and attack vectors, aka Oracle Vuln# (1) DB04 in Change Data Capture; (2) DB06 in Data Guard Logical Standby; (3) DB10 in Locale; (4) DB12 in Mater...

10

CVE-2005-3440

  • EPSS 3.21%
  • Published 02.11.2005 11:02:00
  • Last modified 03.04.2025 01:03:51

Unspecified vulnerability in Database Scheduler in Oracle Database Server 10g up to 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# DB08.

10

CVE-2005-3443

  • EPSS 4.24%
  • Published 02.11.2005 11:02:00
  • Last modified 03.04.2025 01:03:51

Unspecified vulnerability in the Spatial component in Oracle Database Server from 9i up to 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# DB17.

10

CVE-2005-3444

  • EPSS 2.05%
  • Published 02.11.2005 11:02:00
  • Last modified 03.04.2025 01:03:51

Multiple unspecified vulnerabilities in the Programmatic Interface in Oracle Database Server from 8i up to 9.2.0.5 have unknown impact and attack vectors, aka Oracle Vuln# DB26.

3.5

CVE-2005-3205

  • EPSS 0.46%
  • Published 14.10.2005 10:02:00
  • Last modified 03.04.2025 01:03:51

Cross-site scripting (XSS) vulnerability in iSQL*Plus (iSQLPlus) in Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to inject arbitrary web script or HTML via script in the "set markup HTML TABLE" command, which is executed when th...

5

CVE-2005-3206

Exploit
  • EPSS 27.03%
  • Published 14.10.2005 10:02:00
  • Last modified 03.04.2025 01:03:51

iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 9.0.2.4 allows remote attackers to cause a denial of service (TNS listener stop) via an HTTP request with an sid parameter that contains a STOP command.

5

CVE-2005-0298

  • EPSS 0.34%
  • Published 02.05.2005 04:00:00
  • Last modified 03.04.2025 01:03:51

The DIRECTORY objects in Oracle 8i through Oracle 10g contain the location of a specific operating system directory, which allows users with read privileges to a DIRECTORY object to obtain sensitive information.

7.5

CVE-2005-1197

  • EPSS 0.9%
  • Published 02.05.2005 04:00:00
  • Last modified 03.04.2025 01:03:51

SQL injection vulnerability in the SYS.DBMS_CDC_IPUBLISH.CREATE_SCN_CHANGE_SET procedure in Oracle Database Server 10g allows remote attackers to execute arbitrary SQL commands via the CHANGE_SET_NAME parameter.

5

CVE-2005-0701

Exploit
  • EPSS 28.78%
  • Published 07.03.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

Directory traversal vulnerability in Oracle Database Server 8i and 9i allows remote attackers to read or rename arbitrary files via "\\.\\.." (modified dot dot backslash) sequences to UTL_FILE functions such as (1) UTL_FILE.FOPEN or (2) UTL_FILE.fre...

7.5

CVE-2005-0297

  • EPSS 0.5%
  • Published 18.01.2005 05:00:00
  • Last modified 03.04.2025 01:03:51

SQL injection vulnerability in Oracle Database 9i and 10g allows remote attackers to execute arbitrary SQL commands and gain privileges.