VYPR

Database 9i

by Oracle Corporation

CVEs (179)

  • CVE-2017-10202CriAug 8, 2017
    risk 0.65cvss 9.9epss 0.02

    Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via…

  • CVE-2017-3310CriJan 27, 2017
    risk 0.59cvss 9.0epss 0.02

    Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple…

  • CVE-2016-3609CriJul 21, 2016
    risk 0.59cvss 9.0epss 0.03

    Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

  • CVE-2016-3454CriApr 21, 2016
    risk 0.59cvss 9.0epss 0.03

    Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

  • CVE-2017-10321HigOct 19, 2017
    risk 0.57cvss 8.8epss 0.00

    Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows low privileged attacker having Create session privilege with logon to the infrastructure where…

  • CVE-2016-2183HigSep 1, 2016
    risk 0.56cvss 7.5epss 0.96

    The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a…

  • CVE-2016-3479HigJul 21, 2016
    risk 0.49cvss 7.5epss 0.04

    Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors.

  • CVE-2016-3489MedJul 21, 2016
    risk 0.44cvss 6.7epss 0.00

    Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.

  • CVE-2017-10261MedOct 19, 2017
    risk 0.42cvss 6.5epss 0.01

    Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with logon to the infrastructure where XML…

  • CVE-2016-5572MedOct 25, 2016
    risk 0.42cvss 6.4epss 0.00

    Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.

  • CVE-2016-5497MedOct 25, 2016
    risk 0.42cvss 6.4epss 0.00

    Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.

  • CVE-2016-0677MedApr 21, 2016
    risk 0.38cvss 5.9epss 0.02

    Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors.

  • CVE-2017-3567MedApr 24, 2017
    risk 0.35cvss 5.3epss 0.01

    Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple…

  • CVE-2014-3566LowOct 15, 2014
    risk 0.33cvss 3.4epss 1.00

    The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

  • CVE-2016-3488MedJul 21, 2016
    risk 0.29cvss 4.4epss 0.00

    Unspecified vulnerability in the DB Sharding component in Oracle Database Server 12.1.0.2 allows local users to affect integrity via unknown vectors.

  • CVE-2016-3484LowJul 21, 2016
    risk 0.22cvss 3.4epss 0.00

    Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality and integrity via unknown vectors.

  • CVE-2016-0691LowApr 21, 2016
    risk 0.21cvss 3.3epss 0.01

    Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerability than CVE-2016-0690.

  • CVE-2016-0690LowApr 21, 2016
    risk 0.21cvss 3.3epss 0.01

    Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerability than CVE-2016-0691.

  • CVE-2017-10292LowOct 19, 2017
    risk 0.15cvss 2.3epss 0.00

    Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create User privilege with logon to the infrastructure where…

  • CVE-2009-1979Oct 22, 2009
    risk 0.09cvss epss 0.76

    Unspecified vulnerability in the Network Authentication component in Oracle Database 10.1.0.5 and 10.2.0.4 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2009 CPU. …

Page 1 of 9