Database Server
CVEs (553)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-46834 | Hig | 0.49 | 7.5 | 0.00 | May 28, 2026 | Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Net Service. Successful attacks of this… | ||
| CVE-2016-2381 | Hig | 0.49 | 7.5 | 0.09 | Apr 8, 2016 | Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp. | ||
| CVE-2016-3489 | Med | 0.44 | 6.7 | 0.00 | Jul 21, 2016 | Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | ||
| CVE-2017-10261 | Med | 0.42 | 6.5 | 0.01 | Oct 19, 2017 | Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with logon to the infrastructure where XML… | ||
| CVE-2016-5572 | Med | 0.42 | 6.4 | 0.00 | Oct 25, 2016 | Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | ||
| CVE-2016-5497 | Med | 0.42 | 6.4 | 0.00 | Oct 25, 2016 | Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors. | ||
| CVE-2016-5516 | Med | 0.39 | 6.0 | 0.00 | Oct 25, 2016 | Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect availability via unknown vectors. | ||
| CVE-2016-0677 | Med | 0.38 | 5.9 | 0.02 | Apr 21, 2016 | Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors. | ||
| CVE-2016-5505 | Med | 0.36 | 5.5 | 0.00 | Oct 25, 2016 | Unspecified vulnerability in the RDBMS Programmable Interface component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors. | ||
| CVE-2018-3004 | Med | 0.35 | 5.3 | 0.03 | Jul 18, 2018 | Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2,12.2.0.1 and 18.2. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network… | ||
| CVE-2016-3488 | Med | 0.29 | 4.4 | 0.00 | Jul 21, 2016 | Unspecified vulnerability in the DB Sharding component in Oracle Database Server 12.1.0.2 allows local users to affect integrity via unknown vectors. | ||
| CVE-2016-3484 | Low | 0.22 | 3.4 | 0.00 | Jul 21, 2016 | Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality and integrity via unknown vectors. | ||
| CVE-2017-3240 | Low | 0.21 | 3.3 | 0.00 | Jan 27, 2017 | Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where RDBMS Security… | ||
| CVE-2016-5499 | Low | 0.21 | 3.3 | 0.00 | Oct 25, 2016 | Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5498. | ||
| CVE-2016-5498 | Low | 0.21 | 3.3 | 0.00 | Oct 25, 2016 | Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5499. | ||
| CVE-2016-0691 | Low | 0.21 | 3.3 | 0.01 | Apr 21, 2016 | Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerability than CVE-2016-0690. | ||
| CVE-2016-0690 | Low | 0.21 | 3.3 | 0.01 | Apr 21, 2016 | Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerability than CVE-2016-0691. | ||
| CVE-2026-34312 | Low | 0.16 | 2.4 | 0.00 | Apr 21, 2026 | Vulnerability in the RDBMS component of Oracle Database Server. Supported versions that are affected are 19.3-19.30. Easily exploitable vulnerability allows high privileged attacker having Row Access Method privilege with network access via multiple protocols to compromise… | ||
| CVE-2016-3562 | Low | 0.16 | 2.4 | 0.01 | Oct 25, 2016 | Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality via vectors related to DBA. | ||
| CVE-2017-10292 | Low | 0.15 | 2.3 | 0.00 | Oct 19, 2017 | Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create User privilege with logon to the infrastructure where… |
- risk 0.49cvss 7.5epss 0.00
Vulnerability in the Net Service component of Oracle Database Server. Supported versions that are affected are 23.4.0-23.26.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Net Service. Successful attacks of this…
- risk 0.49cvss 7.5epss 0.09
Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.
- risk 0.44cvss 6.7epss 0.00
Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
- risk 0.42cvss 6.5epss 0.01
Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with logon to the infrastructure where XML…
- risk 0.42cvss 6.4epss 0.00
Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
- risk 0.42cvss 6.4epss 0.00
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
- risk 0.39cvss 6.0epss 0.00
Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect availability via unknown vectors.
- risk 0.38cvss 5.9epss 0.02
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote attackers to affect availability via unknown vectors.
- risk 0.36cvss 5.5epss 0.00
Unspecified vulnerability in the RDBMS Programmable Interface component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors.
- risk 0.35cvss 5.3epss 0.03
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2,12.2.0.1 and 18.2. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network…
- risk 0.29cvss 4.4epss 0.00
Unspecified vulnerability in the DB Sharding component in Oracle Database Server 12.1.0.2 allows local users to affect integrity via unknown vectors.
- risk 0.22cvss 3.4epss 0.00
Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality and integrity via unknown vectors.
- risk 0.21cvss 3.3epss 0.00
Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where RDBMS Security…
- risk 0.21cvss 3.3epss 0.00
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5498.
- risk 0.21cvss 3.3epss 0.00
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows local users to affect confidentiality via unknown vectors, a different vulnerability than CVE-2016-5499.
- risk 0.21cvss 3.3epss 0.01
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerability than CVE-2016-0690.
- risk 0.21cvss 3.3epss 0.01
Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerability than CVE-2016-0691.
- risk 0.16cvss 2.4epss 0.00
Vulnerability in the RDBMS component of Oracle Database Server. Supported versions that are affected are 19.3-19.30. Easily exploitable vulnerability allows high privileged attacker having Row Access Method privilege with network access via multiple protocols to compromise…
- risk 0.16cvss 2.4epss 0.01
Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality via vectors related to DBA.
- risk 0.15cvss 2.3epss 0.00
Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vulnerability allows high privileged attacker having Create User privilege with logon to the infrastructure where…
Page 2 of 28