Vulnerabilities > Oracle > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2008-07-15 | CVE-2008-2587 | Unspecified vulnerability in Oracle Advanced Replication, Database 9I and Database Server Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and local attack vectors. local oracle | 1.5 |
| 2008-07-15 | CVE-2008-2590 | Unspecified vulnerability in Oracle products Unspecified vulnerability in the Instance Management component in Oracle Database 10.1.0.5 and Enterprise Manager 10.1.0.6 has unknown impact and remote authenticated attack vectors. network oracle | 3.5 |
| 2008-07-15 | CVE-2008-2603 | Unspecified vulnerability in Oracle Enterprise Manager 10.1.0.5/10.2.0.4/11.1.0.6 Unspecified vulnerability in the Resource Manager component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6, and Database Control in Enterprise Manager, has unknown impact and remote authenticated attack vectors. network oracle | 3.5 |
| 2007-12-10 | CVE-2007-6303 | Privilege Escalation And Denial Of Service vulnerability in MySQL Server MySQL 5.0.x before 5.0.51a, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement. | 3.5 |
| 2007-05-16 | CVE-2007-2693 | Information Disclosure vulnerability in MySQL Alter Table Function MySQL before 5.1.18 allows remote authenticated users without SELECT privileges to obtain sensitive information from partitioned tables via an ALTER TABLE statement. | 3.5 |
| 2007-05-16 | CVE-2007-2702 | Cross-Site Scripting vulnerability in Oracle Weblogic Portal 9.2 Cross-site scripting (XSS) vulnerability in the GroupSpace application in BEA WebLogic Portal 9.2 GA allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors related to the rich text editor. network oracle | 3.5 |
| 2007-05-16 | CVE-2007-2703 | Remote Security vulnerability in Oracle Weblogic Portal 9.2 BEA WebLogic Portal 9.2 GA can corrupt a visitor entitlements role if an administrator provides a long role description, which might allow remote authenticated users to access privileged resources. | 3.6 |
| 2007-03-12 | CVE-2007-1420 | Remote Denial Of Service vulnerability in MySQL Single Row SubSelect MySQL 5.x before 5.0.36 allows local users to cause a denial of service (database crash) by performing information_schema table subselects and using ORDER BY to sort a single-row result, which prevents certain structure elements from being initialized and triggers a NULL dereference in the filesort function. | 2.1 |
| 2007-01-17 | CVE-2007-0275 | Cross-Site Scripting vulnerability in Oracle products Cross-site scripting (XSS) vulnerability in Oracle Reports Web Cartridge (RWCGI60) in the Workflow Cartridge component, as used in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 10.1.2; and Oracle E-Business Suite and Applications 11.5.10CU2; allows remote authenticated users to inject arbitrary HTML or web script via the genuser parameter to rwcgi60, aka OWF01. | 3.5 |
| 2007-01-17 | CVE-2007-0282 | Multiple vulnerability in Oracle products Unspecified vulnerability in Oracle HTTP Server 9.0.1.5, Application Server 9.0.4.2 and 10.1.2.0.0, and Collaboration Suite 9.0.4.2 has unknown impact and attack vectors related to the Oracle Process Mgmt & Notification component, aka OPMN02. | 3.2 |