Vulnerabilities > Oracle > Database

DATE CVE VULNERABILITY TITLE RISK
2017-04-24 CVE-2017-3567 Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.2
Vulnerability in the OJVM component of Oracle Database Server.
network
high complexity
oracle
5.3
2017-01-27 CVE-2017-3310 Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.2
Vulnerability in the OJVM component of Oracle Database Server.
network
low complexity
oracle
critical
9.0
2016-10-25 CVE-2016-5572 Permissions, Privileges, and Access Controls vulnerability in Oracle Database 12.1.0.2
Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
local
high complexity
oracle CWE-264
6.4
2016-10-25 CVE-2016-5497 Improper Access Control vulnerability in Oracle Database 12.1.0.2
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
local
high complexity
oracle CWE-284
6.4
2016-09-01 CVE-2016-2183 Information Exposure vulnerability in multiple products
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.
network
low complexity
redhat python cisco openssl oracle nodejs CWE-200
7.5
2016-07-21 CVE-2016-3609 Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.1/12.1.0.2
Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.
network
low complexity
oracle
critical
9.0
2016-07-21 CVE-2016-3489 Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.1/12.1.0.2
Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
local
low complexity
oracle
6.7
2016-07-21 CVE-2016-3488 Unspecified vulnerability in Oracle Database 12.1.0.2
Unspecified vulnerability in the DB Sharding component in Oracle Database Server 12.1.0.2 allows local users to affect integrity via unknown vectors.
local
low complexity
oracle
4.4
2016-07-21 CVE-2016-3484 Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.1/12.1.0.2
Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality and integrity via unknown vectors.
local
low complexity
oracle
3.4
2016-07-21 CVE-2016-3479 Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.2
Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors.
network
low complexity
oracle
7.5