Oracle

Database Server

515 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2004-2345

  • EPSS 0.77%
  • Published 31.12.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 allow local users with the ability to invoke SQL to cause a denial of service or obtain sensitive information.

6.5

CVE-2004-1338

  • EPSS 0.3%
  • Published 23.12.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partially privileged actions: using CCBKAPPLROWTRIG or EXEC_CBK_FN_DML to add arbitrary functions to the SDO_CMT_DBK_FN_TABLE and SDO_CMT_CBK_DML_TABLE, the...

6.5

CVE-2004-1339

  • EPSS 0.49%
  • Published 23.12.2004 05:00:00
  • Last modified 03.04.2025 01:03:51

SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracle 9i and 10g allows remote attackers to execute arbitrary SQL commands via the new.table_name or new.column_name parameters.

9.8

CVE-2004-1363

  • EPSS 27.66%
  • Published 04.08.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed.

9

CVE-2004-1371

  • EPSS 32.44%
  • Published 04.08.2004 04:00:00
  • Last modified 03.04.2025 01:03:51

Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure.

2.1

CVE-2003-0727

  • EPSS 85.76%
  • Published 20.10.2003 04:00:00
  • Last modified 03.04.2025 01:03:51

Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions.

9

CVE-2003-0222

  • EPSS 12.51%
  • Published 12.05.2003 04:00:00
  • Last modified 03.04.2025 01:03:51

Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter.

10

CVE-2003-0095

  • EPSS 33.07%
  • Published 03.03.2003 05:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own a...

9

CVE-2003-0096

  • EPSS 46.32%
  • Published 03.03.2003 05:00:00
  • Last modified 03.04.2025 01:03:51

Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to th...

7.2

CVE-2002-1767

Exploit
  • EPSS 8.25%
  • Published 31.12.2002 05:00:00
  • Last modified 03.04.2025 01:03:51

Buffer overflow in tnslsnr of Oracle 8i Database Server 8.1.5 for Linux allows local users to execute arbitrary code as the oracle user via a long command line argument.