Filtered by vendor Oracle
Subscriptions
Total
10331 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2001-0517 | 1 Oracle | 1 Oracle8i | 2025-04-03 | N/A |
| Oracle listener in Oracle 8i on Solaris allows remote attackers to cause a denial of service via a malformed connection packet with a maximum transport data size that is set to 0. | ||||
| CVE-2002-0856 | 1 Oracle | 2 Database Server, Oracle9i | 2025-04-03 | N/A |
| SQL*NET listener for Oracle Net Oracle9i 9.0.x and 9.2 allows remote attackers to cause a denial of service (crash) via certain debug requests that are not properly handled by the debugging feature. | ||||
| CVE-1999-0711 | 1 Oracle | 1 Oracle8i | 2025-04-03 | N/A |
| The oratclsh interpreter in Oracle 8.x Intelligent Agent for Unix allows local users to execute Tcl commands as root. | ||||
| CVE-1999-0888 | 1 Oracle | 2 Database Server, Oracle8i | 2025-04-03 | N/A |
| dbsnmp in Oracle Intelligent Agent allows local users to gain privileges by setting the ORACLE_HOME environmental variable, which dbsnmp uses to find the nmiconf.tcl script. | ||||
| CVE-2001-1372 | 1 Oracle | 1 Application Server | 2025-04-03 | N/A |
| Oracle 9i Application Server 1.0.2 allows remote attackers to obtain the physical path of a file under the server root via a request for a non-existent .JSP file, which leaks the pathname in an error message. | ||||
| CVE-1999-1125 | 1 Oracle | 1 Http Server | 2025-04-03 | N/A |
| Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file. | ||||
| CVE-2000-0818 | 1 Oracle | 1 Listener | 2025-04-03 | N/A |
| The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands. | ||||
| CVE-1999-1256 | 1 Oracle | 1 Database Assistant | 2025-04-03 | N/A |
| Oracle Database Assistant 1.0 in Oracle 8.0.3 Enterprise Edition stores the database master password in plaintext in the spoolmain.log file when a new database is created, which allows local users to obtain the password from that file. | ||||
| CVE-1999-1547 | 1 Oracle | 1 Web Listener | 2025-04-03 | N/A |
| Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent. | ||||
| CVE-2001-0833 | 1 Oracle | 1 Database Server | 2025-04-03 | N/A |
| Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability." | ||||
| CVE-2006-3717 | 1 Oracle | 1 E-business Suite | 2025-04-03 | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite and Applications 11.5.9 have unknown impact and attack vectors, aka Oracle Vuln# (1) APPS03 and (2) APPS04 for Oracle Application Object Library; and (3) APPS20 for Oracle XML Gateway. | ||||
| CVE-2005-0711 | 3 Mysql, Oracle, Redhat | 4 Mysql, Mysql, Enterprise Linux and 1 more | 2025-04-03 | N/A |
| MySQL 4.0.23 and earlier, and 4.1.x up to 4.1.10, uses predictable file names when creating temporary tables, which allows local users with CREATE TEMPORARY TABLE privileges to overwrite arbitrary files via a symlink attack. | ||||
| CVE-2000-0576 | 1 Oracle | 1 Web Listener | 2025-04-03 | N/A |
| Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0 allows remote attackers to cause a denial of service via a malformed URL. | ||||
| CVE-2002-0969 | 2 Microsoft, Oracle | 2 Windows, Mysql | 2025-04-03 | 7.8 High |
| Buffer overflow in MySQL daemon (mysqld) before 3.23.50, and 4.0 beta before 4.02, on the Win32 platform, allows local users to execute arbitrary code via a long "datadir" parameter in the my.ini initialization file, whose permissions on Windows allow Full Control to the Everyone group. | ||||
| CVE-1999-1188 | 1 Oracle | 1 Mysql | 2025-04-03 | N/A |
| mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database. | ||||
| CVE-2005-3447 | 1 Oracle | 2 Application Server, Database Server | 2025-04-03 | N/A |
| Unspecified vulnerability in Single Sign-On in Oracle Database Server 10g up to 10.1.0.4.2 and Application Server 9.0.2.3 up to 9.0.4.2 has unknown impact and attack vectors, aka Oracle Vuln# DB33 and AS08. | ||||
| CVE-2005-3448 | 1 Oracle | 1 Application Server | 2025-04-03 | N/A |
| Unspecified vulnerability in the OC4J Module in Oracle Application Server 9.0 up to 10.1.2.0.2 has unknown impact and attack vectors, as identified by Oracle Vuln# AS01. | ||||
| CVE-2005-3465 | 2 Jdedwards, Oracle | 2 Oneworld Xe, Enterpriseone | 2025-04-03 | N/A |
| Unspecified vulnerability in JDEdwards HTML Server in Oracle EnterpriseOne 8.94 OneWorld XE up to 8.95_B1, 8.94_Q1, and SP23_K1 has unknown impact and attack vectors, as identified by Oracle Vuln# JDE01. | ||||
| CVE-2001-0941 | 1 Oracle | 1 Database Server | 2025-04-03 | N/A |
| Buffer overflow in dbsnmp in Oracle 8.0.6 through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable. | ||||
| CVE-2001-0943 | 1 Oracle | 1 Database Server | 2025-04-03 | N/A |
| dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the PATH environment variable to find and execute the (1) chown or (2) chgrp commands, which allows local users to execute arbitrary code by modifying the PATH to point to Trojan Horse programs. | ||||