Export limit exceeded: 10329 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10329 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2007-0288 | 1 Oracle | 1 Application Server | 2025-04-09 | N/A |
| Unspecified vulnerability in Oracle Application Server 10.1.4.0 has unknown impact and attack vectors related to Oracle Internet Directory, aka OID01. | ||||
| CVE-2008-3257 | 3 Bea, Bea Systems, Oracle | 4 Weblogic Server, Apache Connector In Weblogic Server, Weblogic Server and 1 more | 2025-04-09 | N/A |
| Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request. | ||||
| CVE-2006-5361 | 1 Oracle | 2 Application Server, Collaboration Suite | 2025-04-09 | N/A |
| Unspecified vulnerability in Oracle Containers for J2EE in Oracle Application Server 9.0.4.3, 10.1.2.0.0, and 10.1.2.0.1, and Oracle Collaboration Suite 9.0.4.2 and 10.1.2, has unknown impact and remote attack vectors, aka Vuln# OC4J03. | ||||
| CVE-2007-2120 | 1 Oracle | 1 Application Server | 2025-04-09 | N/A |
| The Oracle Discoverer servlet in Oracle Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2.0 allows remote attackers to shut down an Oracle TNS Listener via a TNS STOP command in a request that uses the database/TNS alias, aka AS01. | ||||
| CVE-2006-5345 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdo_geom, aka Vuln# DB22. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB22 is related to "length checking" in the RELATE function before MD2.RELATE is called. | ||||
| CVE-2007-5527 | 1 Oracle | 1 E-business Suite | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and remote attack vectors, related to (1) Application Object Library component (APP01), (2) Contracts Integration (APP02), (3) Applications Manager (APP04), (4) Marketing component (APP05), and (5) Exchange component (APP07). | ||||
| CVE-2006-5341 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in XMLDB component in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.2 have unknown impact and remote authenticated attack vectors, aka (1) Vuln# DB14 and (2) DB15 related to xdb.dbms_xdbz. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB14 is for SQL injection in the PITRIG_DROP and PITRIG_DROPMETADATA functions in XDB_PITRIG_PKG, and DB15 is for SQL injection in DISABLE_HIERARCHY_INTERNAL in DBMS_XDBZ. | ||||
| CVE-2006-5339 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 has unknown impact and remote authenticated attack vectors related to mdsys.sdo_geom, aka Vuln# DB11. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB11 is related to "length checking" in the RELATE function before MD2.RELATE is called. | ||||
| CVE-2008-0868 | 2 Bea Systems, Oracle | 2 Weblogic Portal, Weblogic Portal | 2025-04-09 | N/A |
| Cross-site scripting (XSS) vulnerability in Groupspace in BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 1 allows remote authenticated users to inject arbitrary web script or HTML via unknown vectors. | ||||
| CVE-2008-1826 | 1 Oracle | 1 E-business Suite | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Oracle E-Business Suite 11.5.10.2 have unknown impact and attack vectors related to (a) Advanced Pricing, aka (1) APP01 and (2) APP10; and (b) Applications Framework, aka (3) APP05. | ||||
| CVE-2006-5334 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in Oracle Spatial component in Oracle Database 9.0.1.5, 9.2.0.7, and 10.1.0.5 has unknown impact and remote authenticated attack vectors related to mdsys.md2, aka Vuln# DB03. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB03 is related to one or more of (1) a buffer overflow in the (a) RELATE function or (2) SQL injection in the (b) TESSELATE_FIXED and (c) TESSELATE function. | ||||
| CVE-2008-2607 | 1 Oracle | 3 Advanced Queuing Component, Database 9i, Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_AQELM. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a buffer overflow that allows attackers to cause a denial of service (database corruption) and possibly execute arbitrary code via a long argument to an unspecified procedure. | ||||
| CVE-2008-2611 | 1 Oracle | 3 Core Rdbms Component, Database Server, Oracle Database | 2025-04-09 | N/A |
| Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors. | ||||
| CVE-2008-3994 | 1 Oracle | 3 Database 10g, Database 11i, Database 9i | 2025-04-09 | N/A |
| Unspecified vulnerability in the Workspace Manager component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.3, and 11.1.0.6 allows remote authenticated users to affect confidentiality and integrity, related to WMSYS.LTADM. | ||||
| CVE-2008-2619 | 1 Oracle | 2 Application Server, E-business Suite | 2025-04-09 | N/A |
| Unspecified vulnerability in the Oracle Reports Developer component in Oracle Application Server 1.0.2.2, 9.0.4.3, and 10.1.2.2, and E-Business Suite 11.5.10.2, allows remote authenticated users to affect availability via unknown vectors. | ||||
| CVE-2006-5344 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Oracle Spatial component in Oracle Database 8.1.7.4, 9.0.1.5, 9.2.0.7, and 10.1.0.4 have unknown impact and remote authenticated attack vectors related to (1) mdsys.sdo_3gl, aka Vuln# DB20, and (2) mdsys.sdo_cs, aka DB21. NOTE: as of 20061023, Oracle has not disputed reports from reliable third parties that DB20 is a buffer overflow in GEOM_OPERATION, and DB21 is related to a buffer overflow and SQL injection in TRANSFORM_LAYER. | ||||
| CVE-2009-3408 | 1 Oracle | 1 E-business Suite | 2025-04-09 | N/A |
| Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 11.5.10 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
| CVE-2008-0341 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in the Advanced Queuing component in Oracle Database 9.0.1.5 FIPS+ and 10.1.0.5 has unknown impact and remote attack vectors, aka DB03. | ||||
| CVE-2008-2623 | 1 Oracle | 1 Jdeveloper | 2025-04-09 | N/A |
| Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors. | ||||
| CVE-2007-0271 | 1 Oracle | 1 Database Server | 2025-04-09 | N/A |
| Unspecified vulnerability in Oracle Database 9.0.1.5 and 9.2.0.7 has unknown impact and attack vectors related to the Log Miner component and sys.dbms_log_mnr privileges, aka DB04. NOTE: Oracle has not disputed a reliable researcher claim that this is a buffer overflow in the ADD_LOGFILE procedure for the SYS.DBMS_LOGMNR package that allows code execution. | ||||