Vulnerabilities > Oracle
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-01-18 | CVE-2006-0258 | Multiple vulnerability in Oracle Database Server 8.1.7.4/9.0.1.5 Unspecified vulnerability in the Connection Manager component of Oracle Database server 8.1.7.4 and 9.0.1.5 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB03. | 10.0 |
| 2006-01-18 | CVE-2006-0257 | Multiple vulnerability in Oracle Database Server 10.1.0.5/10.2.0.1/9.2.0.7 Unspecified vulnerability in the Change Data Capture component of Oracle Database server 9.2.0.7, 10.1.0.5, and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB02. | 10.0 |
| 2006-01-18 | CVE-2006-0256 | Multiple vulnerability in Oracle January Security Update Unspecified vulnerability in the Advanced Queuing component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.2.0.6, 10.1.0.3 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB01. | 10.0 |
| 2005-12-31 | CVE-2005-4832 | Remote SQL Injection vulnerability in Oracle 10g Database SUBSCRIPTION_NAME SQL injection vulnerability in the Oracle Database Server 10g allows remote authenticated users to execute arbitrary SQL commands with elevated privileges via the SUBSCRIPTION_NAME parameter in the (1) SYS.DBMS_CDC_SUBSCRIBE and (2) SYS.DBMS_CDC_ISUBSCRIBE packages, a different vector than CVE-2005-1197. | 7.5 |
| 2005-12-28 | CVE-2005-4550 | Remote vulnerability in Oracle Application Server Discussion Forum Portlet The PORTAL schema in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to obtain the source code for arbitrary JSP and other files via a df_next_page parameter with a trailing null byte (%00). | 5.0 |
| 2005-12-28 | CVE-2005-4549 | Remote vulnerability in Oracle Application Server Discussion Forum Portlet Cross-site scripting (XSS) vulnerability in Oracle Application Server (OracleAS) Discussion Forum Portlet allows remote attackers to inject arbitrary web script or HTML via the (1) RowKeyValue parameter in the PORTAL schema; and the (2) title and (3) content input fields when creating an forum article. network oracle | 4.3 |
| 2005-11-16 | CVE-2005-3641 | Authentication Bypass vulnerability in Oracle Database Windows XP Simple File Sharing Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote attackers to bypass authentication by supplying a valid username. | 7.5 |
| 2005-11-02 | CVE-2005-3466 | Multiple vulnerability in Oracle Peoplesoft Enterprise Customer Relationship Management 8.81/8.9 Unspecified vulnerability in Enterprise CRM Sales in Oracle 8.81 up to 8.9 has unknown impact and attack vectors, as identified by Oracle Vuln# CRM01. | 10.0 |
| 2005-11-02 | CVE-2005-3465 | Multiple vulnerability in Oracle October Security Update Unspecified vulnerability in JDEdwards HTML Server in Oracle EnterpriseOne 8.94 OneWorld XE up to 8.95_B1, 8.94_Q1, and SP23_K1 has unknown impact and attack vectors, as identified by Oracle Vuln# JDE01. | 10.0 |
| 2005-11-02 | CVE-2005-3464 | Multiple vulnerability in Oracle October Security Update Unspecified vulnerability in PeopleTools in Oracle PeopleSoft Enterprise 8.44 up to 8.46 has unknown impact and attack vectors, as identified by Oracle Vuln# PSE04. | 10.0 |