VYPR

XML DB

by Oracle Corporation

CVEs (5)

  • CVE-2005-3204Oct 14, 2005
    risk 0.05cvss epss 0.21

    Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote attackers to inject arbitrary web script or HTML via the query string in an HTTP request.

  • CVE-2008-0339Jan 17, 2008
    risk 0.04cvss epss 0.15

    Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 has unknown impact and remote attack vectors, aka DB01.

  • CVE-2021-2333Jul 20, 2021
    risk 0.00cvss epss 0.01

    Vulnerability in the Oracle XML DB component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having Alter User privilege with network access via Oracle Net to…

  • CVE-2021-2329Jul 20, 2021
    risk 0.00cvss epss 0.01

    Vulnerability in the Oracle XML DB component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any Procedure, Create Public Synonym privilege with network…

  • CVE-2007-5513Oct 17, 2007
    risk 0.00cvss epss 0.03

    The XML DB (XMLDB) component in Oracle Database 9.2.0.8, 9.2.0.8DV, and 10.1.0.5 generates incorrect audit entries in the USERID column in which (1) long usernames are trimmed to 5 characters, or (2) short entries contain any extra characters from usernames in previous entries,…