Total
504 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2015-0479 | 1 Oracle | 1 Database Server | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the XDK and XDB - XML Database component in Oracle Database Server 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect availability via unknown vectors. | |||||
| CVE-2016-0461 | 1 Oracle | 1 Database Server | 2025-04-12 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect availability via unknown vectors. | |||||
| CVE-2014-6578 | 1 Oracle | 1 Database Server | 2025-04-12 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in the Workspace Manager component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SDO_TOPO and WMSYS.LT. | |||||
| CVE-2014-6577 | 1 Oracle | 1 Database Server | 2025-04-12 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in the XML Developer's Kit for C component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the original researcher's claim that this is an XML external entity (XXE) vulnerability in the XML parser, which allows attackers to conduct internal port scanning, perform SSRF attacks, or cause a denial of service via a crafted (1) http: or (2) ftp: URI. | |||||
| CVE-2011-0832 | 1 Oracle | 1 Database Server | 2025-04-11 | 6.0 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.1, and 11.2.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2011-0835 and CVE-2011-0880. | |||||
| CVE-2011-2238 | 1 Oracle | 1 Database Server | 2025-04-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect integrity, related to DBMS_SYS_SQL. | |||||
| CVE-2011-0793 | 1 Oracle | 1 Database Server | 2025-04-11 | 3.6 LOW | N/A |
| Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect integrity and availability, related to SYSDBA. | |||||
| CVE-2012-3146 | 1 Oracle | 1 Database Server | 2025-04-11 | 2.1 LOW | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors. | |||||
| CVE-2014-0378 | 1 Oracle | 1 Database Server | 2025-04-11 | 4.1 MEDIUM | N/A |
| Unspecified vulnerability in the Spatial component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, and 12.1.0.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2012-3134 | 1 Oracle | 1 Database Server | 2025-04-11 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect availability via unknown vectors. | |||||
| CVE-2012-1708 | 1 Oracle | 1 Database Server | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Application Express component in Oracle Database Server 4.0 and 4.1 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2011-2242 | 1 Oracle | 1 Database Server | 2025-04-11 | 1.3 LOW | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.1 and 11.2.0.2 allows local users to affect confidentiality, related to XML DB FTP. | |||||
| CVE-2011-3511 | 1 Oracle | 1 Database Server | 2025-04-11 | 3.6 LOW | N/A |
| Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.2 allows remote authenticated users to affect integrity and availability via unknown vectors related to Privileged Account. | |||||
| CVE-2010-2411 | 1 Oracle | 1 Database Server | 2025-04-11 | 4.6 MEDIUM | N/A |
| Unspecified vulnerability in the Job Queue component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0.3, 10.2.0.4, and 10.1.0.5 allows remote authenticated users to affect confidentiality, integrity, and availability, related to SYS.DBMS_IJOB. | |||||
| CVE-2012-0519 | 2 Microsoft, Oracle | 2 Windows, Database Server | 2025-04-11 | 7.1 HIGH | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.2.0.2, when running on Windows, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | |||||
| CVE-2010-0892 | 1 Oracle | 1 Database Server | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2.0.00.27 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2010-0911 | 1 Oracle | 1 Database Server | 2025-04-11 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the Listener component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote attackers to affect availability via unknown vectors. | |||||
| CVE-2011-0877 | 1 Oracle | 2 Database Server, Enterprise Manager Grid Control | 2025-04-11 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Instance Management component in Oracle Database Server 10.1.0.5, 10.2.0.3, and 10.2.0.4, and Oracle Enterprise Manager Grid Control 10.1.0.6, allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2010-0900 | 2 Microsoft, Oracle | 2 Windows, Database Server | 2025-04-11 | 2.6 LOW | N/A |
| Unspecified vulnerability in the Network Layer component in Oracle Database Server 9.2.0.8, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1, when running on Windows, allows remote attackers to affect availability via unknown vectors. | |||||
| CVE-2010-3600 | 1 Oracle | 2 Database Server, Enterprise Manager Grid Control | 2025-04-11 | 7.5 HIGH | N/A |
| Unspecified vulnerability in the Client System Analyzer component in Oracle Database Server 11.1.0.7 and 11.2.0.1 and Enterprise Manager Grid Control 10.2.0.5 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that this issue involves an exposed JSP script that accepts XML uploads in conjunction with NULL bytes in an unspecified parameter that allow execution of arbitrary code. | |||||