CVE-2007-3856

all versions

Unspecified vulnerability in the Oracle Data Mining component for Oracle Database 10g Release 2 10.2.0.2 and 10.2.0.3, 10g 10.1.0.

CVE-2006-6703

all versions

Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal 9i and 10g allow remote attackers to inject arbitrary JavaScr

CVE-2006-1705

all versions

Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" privileges for a base table to insert, update, or delete data

CVE-2006-0586

all versions

Multiple SQL injection vulnerabilities in Oracle 10g Release 1 before CPU Jan 2006 allow remote attackers to execute arbitrary SQL

CVE-2006-0552

all versions

Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has

CVE-2006-0272

all versions

Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and

CVE-2006-0271

all versions

Unspecified vulnerability in the Upgrade & Downgrade component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 h

CVE-2006-0269

all versions

Unspecified vulnerability in the Streams Capture component of Oracle Database server 10.1.0.5 and 10.2.0.1 has unspecified impact

CVE-2006-0262

all versions

Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6,

CVE-2005-4832

all versions

SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands

CVE-2005-3641

all versions

Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by suppl

CVE-2005-1496

all versions

The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESS

CVE-2005-1495

all versions

Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, whic

CVE-2004-1774

all versions

Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2

CVE-2004-1371

all versions

Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of

CVE-2004-1370

all versions

Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote attacke

CVE-2004-1369

all versions

The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_regis

CVE-2004-1368

all versions

ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file

CVE-2004-1367

all versions

Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") for the (1) DBSNMP or (2) SYSM

CVE-2004-1366

all versions

Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, wh

CVE-2004-1365

all versions

Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to

CVE-2004-1364

all versions

Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote attackers to access arbitrary libraries outside of

CVE-2004-1362

all versions

The PL/SQL module for the Oracle HTTP Server in Oracle Application Server 10g, when using the WE8ISO8859P1 character set, does not