Enterprise Manager
CVEs (40)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-1966 | 0.00 | — | 0.01 | Jul 14, 2009 | Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2) Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1967. | |||
| CVE-2008-5447 | 0.00 | — | 0.02 | Jan 14, 2009 | Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors. | |||
| CVE-2008-2590 | 0.00 | — | 0.01 | Jul 15, 2008 | Unspecified vulnerability in the Instance Management component in Oracle Database 10.1.0.5 and Enterprise Manager 10.1.0.6 has unknown impact and remote authenticated attack vectors. | |||
| CVE-2008-2603 | 0.00 | — | 0.01 | Jul 15, 2008 | Unspecified vulnerability in the Resource Manager component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6, and Database Control in Enterprise Manager, has unknown impact and remote authenticated attack vectors. NOTE: the previous information was obtained from the Oracle… | |||
| CVE-2008-1812 | 0.00 | — | 0.02 | Apr 16, 2008 | Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS+; Application Server 1.0.2.2; and Enterprise Manager for AS 1.0.2.2 and Database 9.0.1.5 has unknown impact and local attack vectors, aka EM01. | |||
| CVE-2007-5531 | 0.00 | — | 0.04 | Oct 17, 2007 | Unspecified vulnerability in Oracle Help for Web, as used in Oracle Application Server, Oracle Database 10.2.0.3, and Enterprise Manager 10.1.0.6, has unknown impact and remote attack vectors, aka EM02. | |||
| CVE-2007-5530 | 0.00 | — | 0.02 | Oct 17, 2007 | Unspecified vulnerability in the Database Control component in Oracle Database 10.1.0.5 and 10.2.0.3, and Enterprise Manager, has unknown impact and remote attack vectors, aka EM01. | |||
| CVE-2007-2129 | 0.00 | — | 0.02 | Apr 18, 2007 | Unspecified vulnerability in the Agent component in Oracle Enterprise Manager 9.2.0.8 has unknown impact and remote attack vectors, aka EM01. | |||
| CVE-2007-0294 | 0.00 | — | 0.00 | Jan 17, 2007 | Unspecified vulnerability in Oracle Enterprise Manager 10.2.0.1 has unknown impact and attack vectors related to Database Cloning & Data Guard Management, aka EM06. | |||
| CVE-2007-0293 | 0.00 | — | 0.02 | Jan 17, 2007 | Multiple unspecified vulnerabilities in Oracle Enterprise Manager 10.1.0.5 and 10.2.0.1 have unknown impact and attack vectors related to (1) Oracle Agent (EM03) and (2) EM04 and (3) EM05 in Enterprise Manager Console. NOTE: EM05 might be related to CVE-2007-0222. | |||
| CVE-2007-0292 | 0.00 | — | 0.02 | Jan 17, 2007 | Multiple unspecified vulnerabilities in Oracle Enterprise Manager 10.1.0.5 have unknown impact and attack vectors related to Oracle Agent, aka (1) EM01 and (2) EM02. NOTE: EM05 might be related to CVE-2007-0222. | |||
| CVE-2006-3721 | 0.00 | — | 0.04 | Jul 21, 2006 | Multiple unspecified vulnerabilities in Oracle Management Service for Oracle Enterprise Manager 10.1.0.5 and 10.2.0.1 have unknown impact and attack vectors, aka Oracle Vuln# EM03 and EM04. | |||
| CVE-2006-3719 | 0.00 | — | 0.02 | Jul 21, 2006 | Unspecified vulnerability in CORE: Repository for Oracle Enterprise Manager 9.0.1.0 and 9.2.0.1 has unknown impact and attack vectors, aka Oracle Vuln# EM01. | |||
| CVE-2006-3720 | 0.00 | — | 0.02 | Jul 21, 2006 | Unspecified vulnerability in Enterprise Config Management for Oracle Enterprise Manager 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# EM02. | |||
| CVE-2006-1885 | 0.00 | — | 0.04 | Apr 20, 2006 | Multiple unspecified vulnerabilities in the Reporting Framework component in Oracle Enterprise Manager 9.0.1.5 and 9.2.0.7 have unknown impact and attack vectors, aka Vuln# (1) EM01 and (2) EM02. | |||
| CVE-2005-3460 | 0.00 | — | 0.04 | Nov 2, 2005 | Unspecified vulnerability in Oracle Agent in Oracle Enterprise Manager 9.0.4.1 up to 10.1.0.4 has unknown impact and attack vectors, as identified by Oracle Vuln# EM01. | |||
| CVE-2004-1370 | 0.00 | — | 0.04 | Aug 4, 2004 | Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote attackers to execute arbitrary SQL commands and gain privileges via (1) DBMS_EXPORT_EXTENSION, (2) WK_ACL.GET_ACL, (3) WK_ACL.STORE_ACL, (4)… | |||
| CVE-2004-1369 | 0.00 | — | 0.06 | Aug 4, 2004 | The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory. | |||
| CVE-2004-1368 | 0.00 | — | 0.06 | Aug 4, 2004 | ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script. | |||
| CVE-2000-0654 | 0.00 | — | 0.01 | Jul 11, 2000 | Microsoft Enterprise Manager allows local users to obtain database passwords via the Data Transformation Service (DTS) package Registered Servers Dialog dialog, aka a variant of the "DTS Password" vulnerability. |
- CVE-2009-1966Jul 14, 2009risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Config Management component in (1) Oracle Database 11.1.0.7 and (2) Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors, a different vulnerability than CVE-2009-1967.
- CVE-2008-5447Jan 14, 2009risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Enterprise Manager 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.
- CVE-2008-2590Jul 15, 2008risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Instance Management component in Oracle Database 10.1.0.5 and Enterprise Manager 10.1.0.6 has unknown impact and remote authenticated attack vectors.
- CVE-2008-2603Jul 15, 2008risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Resource Manager component in Oracle Database 10.1.0.5, 10.2.0.4, and 11.1.0.6, and Database Control in Enterprise Manager, has unknown impact and remote authenticated attack vectors. NOTE: the previous information was obtained from the Oracle…
- CVE-2008-1812Apr 16, 2008risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Oracle Enterprise Manager component in Oracle Database 9.0.1.5 FIPS+; Application Server 1.0.2.2; and Enterprise Manager for AS 1.0.2.2 and Database 9.0.1.5 has unknown impact and local attack vectors, aka EM01.
- CVE-2007-5531Oct 17, 2007risk 0.00cvss —epss 0.04
Unspecified vulnerability in Oracle Help for Web, as used in Oracle Application Server, Oracle Database 10.2.0.3, and Enterprise Manager 10.1.0.6, has unknown impact and remote attack vectors, aka EM02.
- CVE-2007-5530Oct 17, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Database Control component in Oracle Database 10.1.0.5 and 10.2.0.3, and Enterprise Manager, has unknown impact and remote attack vectors, aka EM01.
- CVE-2007-2129Apr 18, 2007risk 0.00cvss —epss 0.02
Unspecified vulnerability in the Agent component in Oracle Enterprise Manager 9.2.0.8 has unknown impact and remote attack vectors, aka EM01.
- CVE-2007-0294Jan 17, 2007risk 0.00cvss —epss 0.00
Unspecified vulnerability in Oracle Enterprise Manager 10.2.0.1 has unknown impact and attack vectors related to Database Cloning & Data Guard Management, aka EM06.
- CVE-2007-0293Jan 17, 2007risk 0.00cvss —epss 0.02
Multiple unspecified vulnerabilities in Oracle Enterprise Manager 10.1.0.5 and 10.2.0.1 have unknown impact and attack vectors related to (1) Oracle Agent (EM03) and (2) EM04 and (3) EM05 in Enterprise Manager Console. NOTE: EM05 might be related to CVE-2007-0222.
- CVE-2007-0292Jan 17, 2007risk 0.00cvss —epss 0.02
Multiple unspecified vulnerabilities in Oracle Enterprise Manager 10.1.0.5 have unknown impact and attack vectors related to Oracle Agent, aka (1) EM01 and (2) EM02. NOTE: EM05 might be related to CVE-2007-0222.
- CVE-2006-3721Jul 21, 2006risk 0.00cvss —epss 0.04
Multiple unspecified vulnerabilities in Oracle Management Service for Oracle Enterprise Manager 10.1.0.5 and 10.2.0.1 have unknown impact and attack vectors, aka Oracle Vuln# EM03 and EM04.
- CVE-2006-3719Jul 21, 2006risk 0.00cvss —epss 0.02
Unspecified vulnerability in CORE: Repository for Oracle Enterprise Manager 9.0.1.0 and 9.2.0.1 has unknown impact and attack vectors, aka Oracle Vuln# EM01.
- CVE-2006-3720Jul 21, 2006risk 0.00cvss —epss 0.02
Unspecified vulnerability in Enterprise Config Management for Oracle Enterprise Manager 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# EM02.
- CVE-2006-1885Apr 20, 2006risk 0.00cvss —epss 0.04
Multiple unspecified vulnerabilities in the Reporting Framework component in Oracle Enterprise Manager 9.0.1.5 and 9.2.0.7 have unknown impact and attack vectors, aka Vuln# (1) EM01 and (2) EM02.
- CVE-2005-3460Nov 2, 2005risk 0.00cvss —epss 0.04
Unspecified vulnerability in Oracle Agent in Oracle Enterprise Manager 9.0.4.1 up to 10.1.0.4 has unknown impact and attack vectors, as identified by Oracle Vuln# EM01.
- CVE-2004-1370Aug 4, 2004risk 0.00cvss —epss 0.04
Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote attackers to execute arbitrary SQL commands and gain privileges via (1) DBMS_EXPORT_EXTENSION, (2) WK_ACL.GET_ACL, (3) WK_ACL.STORE_ACL, (4)…
- CVE-2004-1369Aug 4, 2004risk 0.00cvss —epss 0.06
The TNS Listener in Oracle 10g allows remote attackers to cause a denial of service (listener crash) via a malformed service_register_NSGR request containing a value that is used as an invalid offset for a pointer that references incorrect memory.
- CVE-2004-1368Aug 4, 2004risk 0.00cvss —epss 0.06
ISQL*Plus in Oracle 10g Application Server allows remote attackers to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.
- CVE-2000-0654Jul 11, 2000risk 0.00cvss —epss 0.01
Microsoft Enterprise Manager allows local users to obtain database passwords via the Data Transformation Service (DTS) package Registered Servers Dialog dialog, aka a variant of the "DTS Password" vulnerability.
Page 2 of 2