Oracle Database vulnerabilities

CVE-2016-0690 [LOW] CVE-2016-0690: Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0 Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via unknown vectors, a different vulnerability than CVE-2016-0691.

CVE-2014-3566 [LOW] CWE-310 CVE-2014-3566: The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CB The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.

CVE-2010-0076 [MEDIUM] CVE-2010-0076: Unspecified vulnerability in the Application Express Application Builder component in Oracle Databas Unspecified vulnerability in the Application Express Application Builder component in Oracle Database 3.2.1.00.10 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2008-1814 [CRITICAL] CVE-2008-1814: Unspecified vulnerability in the Oracle Secure Enterprise Search or Ultrasearch component in Oracle Unspecified vulnerability in the Oracle Secure Enterprise Search or Ultrasearch component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3 and 10.1.2.2; and Oracle Collaboration Suite 10.1.2; has unknown impact and remote attack vectors, aka DB04.