Filtered by vendor Oracle
Subscriptions
Filtered by product Database Server
Subscriptions
Total
504 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2008-0340 | 1 Oracle | 5 Application Server, Collaboration Suite, Database Server and 2 more | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to the (1) Advanced Queuing component (DB02) and (2) Oracle Spatial component (DB04). | ||||
| CVE-2008-0339 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB01. | ||||
| CVE-2007-6260 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| The installation process for Oracle 10g and llg uses accounts with default passwords, which allows remote attackers to obtain login access by connecting to the Listener. NOTE: at the end of the installation, if performed using the Database Configuration Assistant (DBCA), most accounts are disabled or their passwords are changed. | ||||
| CVE-2007-5897 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be covered by CVE-2007-5515, CVE-2007-5509, or CVE-2007-5505, but there are insufficient details to be sure. | ||||
| CVE-2007-5531 | 1 Oracle | 3 Application Server, Database Server, Enterprise Manager | 2025-04-09 | N/A |
| Unspecified vulnerability in Oracle Help for Web, as used in Oracle Application Server, Oracle Database 10.2.0.3, and Enterprise Manager 10.1.0.6, has unknown impact and remote attack vectors, aka EM02. | ||||
| CVE-2007-5530 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Database Control component in Oracle Database 10.1.0.5 and 10.2.0.3, and Enterprise Manager, has unknown impact and remote attack vectors, aka EM01. | ||||
| CVE-2007-5520 | 1 Oracle | 2 Application Server, Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8 and 9.2.0.8DV, and Oracle Application Server 9.0.4.3, 10.1.3.0.0 up to 10.1.3.3.0, and 10.1.2.0.1 up to 10.1.2.2.0, has unknown impact and remote attack vectors, aka AS05. | ||||
| CVE-2007-5515 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Spatial component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.2, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB27. | ||||
| CVE-2007-5514 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 have unknown impact and attack vectors related to (1) Database Vault component (DB24) and (2) SQL Execution component (DB26). | ||||
| CVE-2007-5513 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| The XML DB (XMLDB) component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 generates incorrect audit entries in the USERID column in which (1) long usernames are trimmed to 5 characters, or (2) short entries contain any extra characters from usernames in previous entries, aka DB23. | ||||
| CVE-2007-5512 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Oracle Database Vault component in Oracle Database 9.2.0.8DV and 10.2.0.3 has unknown impact and remote attack vectors, aka DB21. | ||||
| CVE-2007-5511 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| SQL injection vulnerability in Workspace Manager for Oracle Database before OWM 10.2.0.4.1, OWM 10.1.0.8.0, and OWM 9.2.0.8.0 allows attackers to execute arbitrary SQL commands via the FINDRICSET procedure in the LT package. NOTE: this is probably covered by CVE-2007-5510, but there are insufficient details to be certain. | ||||
| CVE-2007-5506 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packet, aka DB20. | ||||
| CVE-2007-5505 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 have unknown impact and remote attack vectors, related to (1) the Export component (DB02), (2) Oracle Text (DB04), (3) Oracle Text (DB05), (4) Spatial component (DB07), and (5) Advanced Security Option (DB19). | ||||
| CVE-2007-5504 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 9.0.1.5+ and 10.1.0.5 unknown impact and remote attack vectors, related to (1) Import (DB01) and (2) Advanced Queuing (DB25). NOTE: as of 20071108, Oracle has not disputed reliable researcher claims that DB25 is for a buffer overflow in the DBLINK_INFO procedure in the DBMS_AQADM_SYS package. | ||||
| CVE-2007-4822 | 2 Buffalotech, Oracle | 2 Airstation Whr-g54s, Database Server | 2025-04-09 | N/A |
| Cross-site request forgery (CSRF) vulnerability in the device management interface in Buffalo AirStation WHR-G54S 1.20 allows remote attackers to make configuration changes as an administrator via HTTP requests to certain HTML pages in the res parameter with an inp req parameter to cgi-bin/cgi, as demonstrated by accessing (1) ap.html and (2) filter_ip.html. | ||||
| CVE-2007-4517 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Buffer overflow in the XDB.XDB_PITRIG_PKG.PITRIG_DROPMETADATA procedure in Oracle 10g R2 allows remote authenticated users to execute arbitrary code via a long (1) OWNER or (2) NAME argument. | ||||
| CVE-2007-3859 | 1 Oracle | 3 Application Server, Collaboration Suite, Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Oracle Internet Directory component for Oracle Database 9.2.0.8 and 9.2.0.8DV; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; and Collaboration Suite 10.1.2 has unknown impact and remote attack vectors, aka OID01. | ||||
| CVE-2007-3858 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 10.2.0.3 allow remote authenticated users to have an unknown impact via (1) EXFSYS.DBMS_RLMGR_UTL in Rules Manager (DB11) and (2) Program Interface (DB13). | ||||
| CVE-2007-3857 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 allow remote authenticated users to have an unknown impact via (a) the Oracle Text component, including (1) unspecified vectors (DB05), (2) CTXSYS.DRVXMD (DB06), (3) CTXSYS.DRI_MOVE_CTXSYS (DB07), (4) CTXSYS.DRVXMD (DB08), and (b) JavaVM (DB14). | ||||