Oracle

Database Server

519 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2018-10237

  • EPSS 3.26%
  • Veröffentlicht 26.04.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:41:04

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray...

8.5

CVE-2018-2841

  • EPSS 1.09%
  • Veröffentlicht 19.04.2018 02:29:05
  • Zuletzt bearbeitet 21.11.2024 04:04:35

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure priv...

9.8

CVE-2017-15095

  • EPSS 9.26%
  • Veröffentlicht 06.02.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:14:03

A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMappe...

8.3

CVE-2018-2680

  • EPSS 1.38%
  • Veröffentlicht 18.01.2018 02:29:22
  • Zuletzt bearbeitet 21.11.2024 04:04:13

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols ...

2.1

CVE-2018-2575

  • EPSS 0.32%
  • Veröffentlicht 18.01.2018 02:29:18
  • Zuletzt bearbeitet 21.11.2024 04:03:58

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, and 12.2.0.1. Difficult to exploit vulnerability allows high privileged attacker having Local Logon privilege with netwo...

9.1

CVE-2017-10282

  • EPSS 1.9%
  • Veröffentlicht 18.01.2018 02:29:16
  • Zuletzt bearbeitet 21.11.2024 03:05:49

Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute Catalog Role privileg...

1.9

CVE-2017-10120

  • EPSS 0.08%
  • Veröffentlicht 08.08.2017 15:29:03
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Difficult to exploit vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege wit...

8.8

CVE-2016-9840

  • EPSS 13%
  • Veröffentlicht 23.05.2017 04:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

9.8

CVE-2016-9841

  • EPSS 20.28%
  • Veröffentlicht 23.05.2017 04:29:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

8.8

CVE-2016-9842

  • EPSS 10.91%
  • Veröffentlicht 23.05.2017 04:29:01
  • Zuletzt bearbeitet 04.12.2025 17:15:51

The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.