Filtered by vendor Oracle
Subscriptions
Total
10328 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-1506 | 1 Oracle | 1 Application Server Portal | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in PORTAL.wwv_main.render_warning_screen in the Oracle Portal 10g allows remote attackers to inject arbitrary web script or HTML via the (1) p_oldurl and (2) p_newurl parameters. | ||||
| CVE-2007-1609 | 1 Oracle | 1 Application Server | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in servlet/Spy in Dynamic Monitoring Services (DMS) in Oracle Application Server (OAS) 10g 10.1.2.0.0 allows remote attackers to inject arbitrary web script or HTML via the table parameter. NOTE: This may be related to CVE-2002-0563. | ||||
| CVE-2006-5353 | 1 Oracle | 2 Application Server, Collaboration Suite | 2025-04-09 | N/A |
| Unspecified vulnerability in Oracle HTTP Server component in Oracle Application Server 9.0.4.3, 10.1.2.0.2, 10.1.2.1.0, and 10.1.3.0.0, and Oracle Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors related to the Mod_rewrite Module, aka Vuln# OHS01. | ||||
| CVE-2006-5378 | 1 Oracle | 1 Enterpriseone | 2025-04-09 | N/A |
| Unspecified vulnerability in JD Edwards HTML Server in JD Edwards EnterpriseOne SP23_O2, 8.95.P1, and 8.96.D1 has unknown impact and remote authenticated attack vectors, aka Vuln# JDE01. | ||||
| CVE-2007-2114 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.2 have unknown impact and remote authenticated attack vectors, related to (1) Change Data Capture (CDC), aka DB08, and (2) Oracle Instant Client, aka DB11. NOTE: as of 20070424, oracle has not disputed reliable claims that these issues are buffer overflows using a long CHANGE_TABLE_NAME parameter to the DBMS_CDC_IPUBLISH.CHGTAB_CACHE procedure (DB08) and Oracle Instant Client genezi utility (DB11). | ||||
| CVE-2007-2118 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Upgrade/Downgrade component of Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors, aka DB13. NOTE: as of 20070424, Oracle has not disputed reliable claims that this is a buffer overflow involving the "mig utility." | ||||
| CVE-2007-2124 | 1 Oracle | 1 Application Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Portal component in Oracle Application Server 10.1.4.1.0 has unknown impact and remote attack vectors, aka AS05. | ||||
| CVE-2007-2128 | 1 Oracle | 1 E-business Suite | 2025-04-09 | N/A |
| Unspecified vulnerability in the Sales Online component for Oracle E-Business Suite 11.5.10 has unknown impact and remote authenticated attack vectors, aka APPS08. | ||||
| CVE-2007-2130 | 1 Oracle | 4 Application Server, Collaboration Suite, Database Server and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in Workflow Cartridge, as used in Oracle Database Server 9.2.0.1, 10.1.0.2, and 10.2.0.1; Application Server 9.0.4.3 and 10.1.2.0.2; Collaboration Suite 10.1.2; and E-Business Suite; has unknown impact and remote authenticated attack vectors, aka OWF01. | ||||
| CVE-2007-2132 | 1 Oracle | 1 Peoplesoft Enterprise | 2025-04-09 | N/A |
| Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise 8.47.12 and 8.48.08 has unknown impact and attack vectors, aka PSE02. | ||||
| CVE-2007-0283 | 1 Oracle | 2 Application Server, Collaboration Suite | 2025-04-09 | N/A |
| Unspecified vulnerability in Oracle Application Server 9.0.4.3 and Collaboration Suite 9.0.4.2 has unknown impact and attack vectors related to Oracle Containers for J2EE, aka OC4J02. | ||||
| CVE-2007-5517 | 1 Oracle | 2 Application Server, Collaboration Suite | 2025-04-09 | N/A |
| Unspecified vulnerability in the Oracle Portal component in Oracle Application Server 10.1.2.0.2 and 10.1.4.1, and Collaboration Suite 10.1.2, has unknown impact and remote attack vectors, aka AS02. | ||||
| CVE-2007-5506 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| The Core RDBMS component in Oracle Database 9.0.1.5+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote attackers to cause a denial of service (CPU consumption) via a crafted type 6 Data packet, aka DB20. | ||||
| CVE-2008-0339 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB01. | ||||
| CVE-2008-0342 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Upgrade/Downgrade component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB05. | ||||
| CVE-2008-0864 | 2 Bea Systems, Oracle | 2 Weblogic Portal, Weblogic Portal | 2025-04-09 | N/A |
| Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can inadvertently remove entitlements for pages when an administrator edits the page definition label, which might allow remote attackers to bypass intended access restrictions. | ||||
| CVE-2008-0865 | 2 Bea Systems, Oracle | 2 Weblogic Portal, Weblogic Portal | 2025-04-09 | N/A |
| Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP6 allows remote attackers to bypass entitlements for instances of a floatable WLP portlet via unknown vectors. | ||||
| CVE-2008-1814 | 1 Oracle | 3 Application Server, Collaboration Suite, Database | 2025-04-09 | N/A |
| Unspecified vulnerability in the Oracle Secure Enterprise Search or Ultrasearch component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3 and 10.1.2.2; and Oracle Collaboration Suite 10.1.2; has unknown impact and remote attack vectors, aka DB04. | ||||
| CVE-2008-1815 | 1 Oracle | 2 Database 10g, Database 11g | 2025-04-09 | N/A |
| Unspecified vulnerability in the Change Data Capture component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to DBMS_CDC_UTILITY, aka DB02. NOTE: the previous information was obtained from the April 2008 CPU. Oracle has not commented on reliable researcher claims that DB02 is for SQL injection in LOCK_CHANGE_SET. | ||||
| CVE-2008-1816 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Oracle Database 10.1.0.5 and 10.2.0.3 have unknown impact and remote authenticated attack vectors related to (1) SDO_UTIL in the Oracle Spatial component, aka DB05; or (2) fine grained auditing in the Audit component, aka DB14. NOTE: the previous information was obtained from the Oracle CPU. Oracle has not commented on reliable researcher claims that DB05 is SQL injection. | ||||