- EPSS 18.15%
- Veröffentlicht 07.03.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:11:36
Directory traversal vulnerability in Oracle Database Server 8i and 9i allows remote attackers to read or rename arbitrary files via "\\.\\.." (modified dot dot backslash) sequences to UTL_FILE functions such as (1) UTL_FILE.FOPEN or (2) UTL_FILE.fre...
CVE-2005-0297
- EPSS 2.38%
- Veröffentlicht 18.01.2005 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:10:51
SQL injection vulnerability in Oracle Database 9i and 10g allows remote attackers to execute arbitrary SQL commands and gain privileges.
CVE-2004-2345
- EPSS 1.44%
- Veröffentlicht 31.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:09:29
Unknown multiple vulnerabilities in Oracle9i Database Server 9.0.1.4, 9.0.1.5, 9.2.0.3, and 9.2.0.4 allow local users with the ability to invoke SQL to cause a denial of service or obtain sensitive information.
CVE-2004-1338
- EPSS 1.19%
- Veröffentlicht 23.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:07:30
The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partially privileged actions: using CCBKAPPLROWTRIG or EXEC_CBK_FN_DML to add arbitrary functions to the SDO_CMT_DBK_FN_TABLE and SDO_CMT_CBK_DML_TABLE, the...
CVE-2004-1339
- EPSS 1.48%
- Veröffentlicht 23.12.2004 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:07:30
SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracle 9i and 10g allows remote attackers to execute arbitrary SQL commands via the new.table_name or new.column_name parameters.
CVE-2004-1363
- EPSS 9.1%
- Veröffentlicht 04.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:07:33
Buffer overflow in extproc in Oracle 10g allows remote attackers to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed.
- EPSS 10.77%
- Veröffentlicht 04.08.2004 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:07:34
Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure.
CVE-2003-0727
- EPSS 68.55%
- Veröffentlicht 20.10.2003 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:02:43
Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions.
- EPSS 11.04%
- Veröffentlicht 12.05.2003 04:00:00
- Zuletzt bearbeitet 16.06.2026 22:01:46
Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter.
- EPSS 13.11%
- Veröffentlicht 03.03.2003 05:00:00
- Zuletzt bearbeitet 16.06.2026 22:01:30
Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own a...