Vulnerabilities > Oracle > Database
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-19 | CVE-2017-10292 | Improper Privilege Management vulnerability in Oracle Database 11.2.0.4/12.1.0.2/12.2.0.1 Vulnerability in the RDBMS Security component of Oracle Database Server. | 1.7 |
| 2017-10-19 | CVE-2017-10261 | Information Exposure vulnerability in Oracle Database 11.2.0.4/12.1.0.2 Vulnerability in the XML Database component of Oracle Database Server. | 4.0 |
| 2017-10-19 | CVE-2017-10190 | Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.2/12.2.0.1 Vulnerability in the Java VM component of Oracle Database Server. | 4.3 |
| 2017-08-08 | CVE-2017-10202 | Unspecified vulnerability in Oracle Database 11.2.0.4/12.1.0.2/12.2.0.1 Vulnerability in the OJVM component of Oracle Database Server. | 6.5 |
| 2017-04-24 | CVE-2017-3567 | Remote Security vulnerability in Oracle Database 11.2.0.4/12.1.0.2 Vulnerability in the OJVM component of Oracle Database Server. network oracle | 3.5 |
| 2017-01-27 | CVE-2017-3310 | Remote Security vulnerability in Oracle Database 11.2.0.4/12.1.0.2 Vulnerability in the OJVM component of Oracle Database Server. network oracle | 6.0 |
| 2016-10-25 | CVE-2016-5572 | Permissions, Privileges, and Access Controls vulnerability in Oracle Database 12.1.0.2 Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | 4.4 |
| 2016-10-25 | CVE-2016-5497 | Improper Access Control vulnerability in Oracle Database 12.1.0.2 Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | 4.4 |
| 2016-09-01 | CVE-2016-2183 | Information Exposure vulnerability in multiple products The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack. | 7.5 |
| 2016-07-21 | CVE-2016-3609 | Remote Security vulnerability in Oracle Database 11.2.0.4/12.1.0.1/12.1.0.2 Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors. network oracle | 8.5 |