Filtered by vendor Oracle
Subscribe
Total
9733 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-1376 | 2 Oracle, Symantec Veritas | 3 Mysql, Netbackup Advanced Reporter, Netbackup Global Data Manager | 2024-02-28 | 7.5 HIGH | N/A |
| libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and possibly execute arbitrary code. | |||||
| CVE-2004-2115 | 1 Oracle | 1 Http Server | 2024-02-28 | 6.8 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTTP Server 1.3.22, based on Apache, allow remote attackers to execute arbitrary script as other users via the (1) action, (2) username, or (3) password parameters in an isqlplus request. | |||||
| CVE-2002-0102 | 1 Oracle | 1 Application Server Web Cache | 2024-02-28 | 5.0 MEDIUM | N/A |
| Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via (1) a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and (2) a request to TCP port 4000 with a large number of "." characters. | |||||
| CVE-2001-0942 | 1 Oracle | 1 Database Server | 2024-02-28 | 4.6 MEDIUM | N/A |
| dbsnmp in Oracle 8.1.6 and 8.1.7 uses the ORACLE_HOME environment variable to find and execute the dbsnmp program, which allows local users to execute arbitrary programs by pointing the ORACLE_HOME to an alternate directory that contains a malicious version of dbsnmp. | |||||
| CVE-2002-0562 | 1 Oracle | 3 Application Server, Application Server Web Cache, Oracle9i | 2024-02-28 | 5.0 MEDIUM | N/A |
| The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote attackers to gain sensitive information including usernames and passwords via a direct HTTP request to globals.jsa. | |||||
| CVE-2002-1636 | 1 Oracle | 1 Application Server | 2024-02-28 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the htp PL/SQL package for Oracle 9i Application Server (9iAS) allows remote attackers to inject arbitrary web script or HTML via the cbuf parameter to htp.print. | |||||
| CVE-2004-0388 | 1 Oracle | 1 Mysql | 2024-02-28 | 2.1 LOW | N/A |
| The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2002-1089 | 1 Oracle | 2 Application Server, Reports | 2024-02-28 | 5.0 MEDIUM | N/A |
| rwcgi60 CGI program in Oracle Reports Server, by design, provides sensitive information such as the full pathname, which could enable remote attackers to use the information in additional attacks. | |||||
| CVE-2004-2229 | 1 Oracle | 1 Database Server Lite | 2024-02-28 | 4.6 MEDIUM | N/A |
| Multiple unknown vulnerabilities in Oracle 9i Lite Mobile Server 5.0.0.0.0 through 5.0.2.9.0 allow remote authenticated users to gain privileges. | |||||
| CVE-2002-0566 | 1 Oracle | 4 Application Server, Application Server Web Cache, Oracle8i and 1 more | 2024-02-28 | 5.0 MEDIUM | N/A |
| PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to cause a denial of service (crash) via an HTTP Authorization header without an authentication type. | |||||
| CVE-1999-0524 | 11 Apple, Cisco, Hp and 8 more | 14 Mac Os X, Macos, Ios and 11 more | 2024-02-28 | 2.1 LOW | N/A |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. | |||||
| CVE-2002-1882 | 1 Oracle | 1 E-business Suite | 2024-02-28 | 7.5 HIGH | N/A |
| Unknown vulnerability in AolSecurityPrivate.class in Oracle E-Business Suite 11i 11.1 through 11.6 allows remote attackers to bypass user authentication checks via unknown attack vectors. | |||||
| CVE-1999-0046 | 10 Bsdi, Debian, Digital and 7 more | 10 Bsd Os, Debian Linux, Ultrix and 7 more | 2024-02-28 | 10.0 HIGH | N/A |
| Buffer overflow of rlogin program using TERM environmental variable. | |||||