Vulnerabilities > Oracle > Low

DATE CVE VULNERABILITY TITLE RISK
2009-01-14 CVE-2008-3973 Multiple vulnerability in Oracle Database 10G and Database 11G
Unspecified vulnerability in the SQL*Plus Windows GUI component in Oracle Database allows local users to affect confidentiality via unknown vectors.
local
low complexity
oracle
1.7
2008-10-14 CVE-2008-2588 Local Security vulnerability in Oracle Jdeveloper 10.1.2.2
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 allows local users to affect confidentiality via unknown vectors.
local
low complexity
oracle
2.1
2008-10-14 CVE-2008-2619 Unspecified vulnerability in Oracle Application Server and E-Business Suite
Unspecified vulnerability in the Oracle Reports Developer component in Oracle Application Server 1.0.2.2, 9.0.4.3, and 10.1.2.2, and E-Business Suite 11.5.10.2, allows remote authenticated users to affect availability via unknown vectors.
local
low complexity
oracle
1.7
2008-10-14 CVE-2008-3986 Unspecified vulnerability in Oracle Application Server 10.1.2.2/9.0.4.3
Unspecified vulnerability in the Oracle Discoverer Administrator component in Oracle Application Server 9.0.4.3 and 10.1.2.2 allows local users to affect confidentiality via unknown vectors.
local
high complexity
oracle
1.0
2008-10-14 CVE-2008-3987 Unspecified vulnerability in Oracle Application Server 10.1.2.3
Unspecified vulnerability in the Oracle Discoverer Desktop component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors.
local
high complexity
oracle
1.0
2008-10-14 CVE-2008-3993 Unspecified vulnerability in Oracle E-Business Suite 10.2/11.5/12.0.4
Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite 11.5.10.2 and 12.0.4 allows remote authenticated users to affect integrity via unknown vectors.
network
oracle
3.5
2008-10-14 CVE-2008-4002 Unspecified vulnerability in Oracle JD Edwards Enterpriseone and Peoplesoft Enterprise
Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote authenticated users to affect confidentiality via unknown vectors.
network
oracle
3.5
2008-10-14 CVE-2008-4004 Unspecified vulnerability in the JDE EnterpriseOne Business Service Server component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.2 and 8.98.0.1 allows local users to affect confidentiality and integrity via unknown vectors.
local
low complexity
jdedwards oracle
3.2
2008-10-14 CVE-2008-4011 Unspecified vulnerability in Oracle BEA Product Suite
Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote authenticated users to affect integrity via unknown vectors.
network
high complexity
oracle
2.1
2008-10-06 CVE-2008-4456 Cross-Site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in the command-line client in MySQL 5.0.26 through 5.0.45, and other versions including versions later than 5.0.45, when the --html option is enabled, allows attackers to inject arbitrary web script or HTML by placing it in a database cell, which might be accessed by this client when composing an HTML document.
network
high complexity
mysql oracle CWE-79
2.6