Vulnerabilities > Oracle > Oracle10G
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-07-18 | CVE-2007-3856 | Unspecified vulnerability in Oracle Database Server and Oracle10G Unspecified vulnerability in the Oracle Data Mining component for Oracle Database 10g Release 2 10.2.0.2 and 10.2.0.3, 10g 10.1.0.5, and Oracle9i Database Release 2 9.2.0.7, 9.2.0.8, and 9.2.0.8DV has unknown impact and remote authenticated attack vectors related to DMSYS.DMP_SYS, aka DB04. | 6.5 |
2006-12-23 | CVE-2006-6703 | Cross-Site Scripting vulnerability in Oracle Portal Container_Tabs.JSP Multiple cross-site scripting (XSS) vulnerabilities in Oracle Portal 9i and 10g allow remote attackers to inject arbitrary JavaScript via the tc parameter in webapp/jsp/container_tabs.jsp, and other unspecified vectors. network oracle | 6.8 |
2006-04-11 | CVE-2006-1705 | Unspecified vulnerability in Oracle Oracle10G and Oracle9I Oracle Database 9.2.0.0 to 10.2.0.3 allows local users with "SELECT" privileges for a base table to insert, update, or delete data by creating a crafted view then performing the operations on that view. | 2.1 |
2006-02-04 | CVE-2006-0552 | Multiple vulnerability in Oracle January Security Update Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11. | 7.5 |
2006-01-18 | CVE-2006-0272 | Multiple vulnerability in Oracle January Security Update Unspecified vulnerability in the XML Database component of Oracle Database server 9.2.0.7 and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB29. | 9.0 |
2006-01-18 | CVE-2006-0271 | Multiple vulnerability in Oracle January Security Update Unspecified vulnerability in the Upgrade & Downgrade component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB28. | 10.0 |
2006-01-18 | CVE-2006-0269 | Multiple vulnerability in Oracle January Security Update Unspecified vulnerability in the Streams Capture component of Oracle Database server 10.1.0.5 and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB25. | 5.5 |
2006-01-18 | CVE-2006-0262 | Multiple vulnerability in Oracle January Security Update Unspecified vulnerability in the Net Foundation Layer component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, 9.2.0.6, and 10.1.0.4 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB08. | 10.0 |
2005-12-31 | CVE-2005-4832 | Remote SQL Injection vulnerability in Oracle 10g Database SUBSCRIPTION_NAME SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197. | 7.5 |
2005-11-16 | CVE-2005-3641 | Authentication Bypass vulnerability in Oracle Database Windows XP Simple File Sharing Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username. | 7.5 |