- EPSS 2.53%
- Veröffentlicht 18.04.2007 18:19:00
- Zuletzt bearbeitet 16.06.2026 22:38:59
Unspecified vulnerability in Workflow Cartridge, as used in Oracle Database Server 9.2.0.1, 10.1.0.2, and 10.2.0.1; Application Server 9.0.4.3 and 10.1.2.0.2; Collaboration Suite 10.1.2; and E-Business Suite; has unknown impact and remote authenticat...
CVE-2007-1442
- EPSS 0.49%
- Veröffentlicht 14.03.2007 00:19:00
- Zuletzt bearbeitet 16.06.2026 22:37:35
Oracle Database 10g uses a NULL pDacl parameter when calling the SetSecurityDescriptorDacl function to create discretionary access control lists (DACLs), which allows local users to gain privileges.
- EPSS 5.65%
- Veröffentlicht 07.03.2007 20:19:00
- Zuletzt bearbeitet 16.06.2026 22:34:27
Absolute path traversal vulnerability in Oracle Database Server, when utl_file_dir is set to a wildcard value or "CREATE ANY DIRECTORY to PUBLIC" privileges exist, allows remote authenticated users to read and modify arbitrary files via full filepath...
- EPSS 6.83%
- Veröffentlicht 02.03.2007 21:18:00
- Zuletzt bearbeitet 16.06.2026 22:34:19
Oracle 10g R2 and possibly other versions allows remote attackers to trigger internal errors, and possibly have other impacts, via an "alter session set events" command with invalid arguments. NOTE: this issue was originally disputed by a third part...
CVE-2007-0268
- EPSS 2.82%
- Veröffentlicht 17.01.2007 02:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:14
Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 have unknown impact and attack vectors related to (1) the Advanced Queuing component and sys.dbms_aqsys.dbms_aq privileges (DB01), (2) Advanced Replication and sys...
CVE-2007-0269
- EPSS 1.26%
- Veröffentlicht 17.01.2007 02:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:15
Unspecified vulnerability in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and attack vectors related to the Change Data Capture and sys.dbms_cdc_subscribe privileges, aka DB02.
CVE-2007-0270
- EPSS 5.16%
- Veröffentlicht 17.01.2007 02:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:15
Buffer overflow in SYS.DBMS_DRS in Oracle Database 9.2.0.7 and 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via the GET_PROPERTY function in SYS.DBMS_DRS, aka DB03.
CVE-2007-0271
- EPSS 4.19%
- Veröffentlicht 17.01.2007 02:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:15
Unspecified vulnerability in Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors related to the Log Miner component and sys.dbms_log_mnr privileges, aka DB04. NOTE: Oracle has not disputed a reliable researcher claim that this ...
CVE-2007-0272
- EPSS 6.58%
- Veröffentlicht 17.01.2007 02:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:15
Multiple buffer overflows in MDSYS.MD in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) or execute arbitrary code via unspecified vectors involving certain public procedu...
CVE-2007-0273
- EPSS 1.32%
- Veröffentlicht 17.01.2007 02:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:15
Unspecified vulnerability in Oracle Database 9.0.1.5, 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and attack vectors related to XMLDB, aka DB06. NOTE: as of 20070123, Oracle has not disputed claims by a reliable researcher that DB06 is for mu...