Vulnerabilities > Oracle > Database > 12.1.0.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-09-01 | CVE-2016-2183 | Information Exposure vulnerability in multiple products The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. | 7.5 |
| 2016-07-21 | CVE-2016-3609 | Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.1/12.1.0.2 Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. | 9.0 |
| 2016-07-21 | CVE-2016-3489 | Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.1/12.1.0.2 Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | 6.7 |
| 2016-07-21 | CVE-2016-3488 | Unspecified vulnerability in Oracle Database 12.1.0.2 Unspecified vulnerability in the DB Sharding component in Oracle Database Server 12.1.0.2 allows local users to affect integrity via unknown vectors. | 4.4 |
| 2016-07-21 | CVE-2016-3484 | Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.1/12.1.0.2 Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality and integrity via unknown vectors. | 3.4 |
| 2016-07-21 | CVE-2016-3479 | Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.2 Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. | 7.5 |
| 2016-04-21 | CVE-2016-3454 | Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.1/12.1.0.2 Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 9.0 |
| 2016-04-21 | CVE-2016-0691 | Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.1/12.1.0.2 Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerability than CVE-2016-0690. | 3.3 |
| 2016-04-21 | CVE-2016-0690 | Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.1/12.1.0.2 Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerability than CVE-2016-0691. | 3.3 |
| 2016-04-21 | CVE-2016-0677 | Unspecified vulnerability in Oracle Database 12.1.0.1/12.1.0.2 Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. | 5.9 |