Vulnerabilities > Oracle > Database Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-02-04 | CVE-2006-0551 | SQL-Injection vulnerability in Oracle10g Standard Edition SQL injection vulnerability in the Data Pump Metadata API in Oracle Database 10g and possibly earlier might allow remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2006-02-04 | CVE-2006-0549 | SQL-Injection vulnerability in Oracle Database Server 10.1.0.5 SQL injection vulnerability in the SYS.DBMS_METADATA_UTIL package in Oracle Database 10g, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2006-02-04 | CVE-2006-0548 | SQL-Injection vulnerability in Oracle Database Server 10.1.0.4.2 SQL injection vulnerability in the Oracle Text component of Oracle Database 10g, and possibly earlier versions, might allow remote attackers to execute arbitrary SQL commands via unknown vectors. | 7.5 |
| 2006-02-04 | CVE-2006-0547 | SQL-Injection vulnerability in Oracle10g Personal Edition Oracle Database 8i, 9i, and 10g allow remote authenticated users to execute arbitrary SQL statements in the context of the SYS user and bypass audit logging, including statements to create new privileged database accounts, via a modified AUTH_ALTER_SESSION attribute in the authentication phase of the Transparent Network Substrate (TNS) protocol. | 7.5 |
| 2006-01-18 | CVE-2006-0291 | Multiple vulnerability in Oracle January Security Update Multiple unspecified vulnerabilities in Oracle Database Server 10.2.0.1, Application Server 9.0.4.2 and 10.1.2.1, Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i), and E-Business Suite and Applications 11.5.10 have unspecified impact and attack vectors, as identified by Oracle Vuln# (1) WF02 and (2) WF03 in the Oracle Workflow Cartridge component. | 10.0 |
| 2006-01-18 | CVE-2006-0290 | Multiple vulnerability in Oracle January Security Update Unspecified vulnerability in Oracle Database Server 9.2.0.7, Application Server 9.0.4.2 and 10.1.2.1, Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i), and E-Business Suite and Applications 11.5.10 has unspecified impact and attack vectors, as identified by Oracle Vuln# WF01 in the Oracle Workflow Cartridge component. | 10.0 |
| 2006-01-18 | CVE-2006-0287 | Multiple vulnerability in Oracle Application Server and Database Server Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 10.1.0.5 and Application Server 10.1.2.0.2 has unspecified impact and attack vectors, as identified by Oracle Vuln# OHS02. | 10.0 |
| 2006-01-18 | CVE-2006-0286 | Multiple vulnerability in Oracle Application Server and Database Server Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10.1.0.5, and Application Server 1.0.2.2, 9.0.4.2, and 10.1.2.0.2, has unspecified impact and attack vectors, as identified by Oracle Vuln# OHS01. | 10.0 |
| 2006-01-18 | CVE-2006-0285 | Multiple vulnerability in Oracle Application Server and Database Server Unspecified vulnerability in the Java Net component of Oracle Database Server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.7, and 10.1.0.4, and Application Server 1.0.2.2, 9.0.4.2, and 10.1.2.0.2, has unspecified impact and attack vectors, as identified by Oracle Vuln# JN01. | 10.0 |
| 2006-01-18 | CVE-2006-0283 | Multiple vulnerability in Oracle products Unspecified vulnerability in Oracle Database Server 10.1.0.4.2, Application Server 10.1.2.0.2, and Collaboration Suite Release 2, version 9.0.4.2 (Oracle9i) has unspecified impact and attack vectors, as identified by Oracle Vuln# DBC02 in the Reorganize Objects & Convert Tablespace component. | 10.0 |