Oracle Database Server vulnerabilities
502 known vulnerabilities affecting oracle/database_server.
Total CVEs: 502
CISA KEV: 0
Public exploits: 25
Exploited in wild: 0
Severity breakdown: CRITICAL 112, HIGH 71, MEDIUM 250, LOW 69
Vulnerabilities
Page 2 of 26
CVE-2023-22077 | MEDIUM | CVSS 4.9 | ≥ 19.3, ≤ 19.20; ≥ 21.3, ≤ 21.11 | 2023-10-17
Vulnerability in the Oracle Database Recovery Manager component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having DBA account privilege with network access via Oracle Net to compromise Oracle Database Recovery Manager. Successful attacks of t
nvd
CVE-2023-22073 | MEDIUM | CVSS 4.3 | ≥ 19.3, ≤ 19.20; ≥ 21.3, ≤ 21.11 | 2023-10-17
Vulnerability in the Oracle Notification Server component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows unauthenticated attacker with access to the physical communication segment attached to the hardware where the Oracle Notification Server executes to compromise Oracle
nvd
CVE-2023-22075 | LOW | CVSS 2.4 | ≥ 19.3, ≤ 19.20; ≥ 21.3, ≤ 21.11 | 2023-10-17
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Create Any View, Select Any Table privilege with network access via Oracle Net to compromise Oracle Database Sharding. Succ
nvd
CVE-2023-22074 | LOW | CVSS 2.4 | ≥ 19.3, ≤ 19.20; ≥ 21.3, ≤ 21.11 | 2023-10-17
Vulnerability in the Oracle Database Sharding component of Oracle Database Server. Supported versions that are affected are 19.3-19.20 and 21.3-21.11. Easily exploitable vulnerability allows high privileged attacker having Create Session, Select Any Dictionary privilege with network access via Oracle Net to compromise Oracle Database Sharding. Successful attac
nvd
CVE-2023-22034 | MEDIUM | CVSS 4.9 | ≥ 19.3, ≤ 19.19; ≥ 21.3, ≤ 21.10 | 2023-07-18
Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 19.3-19.19 and 21.3-21.10. Easily exploitable vulnerability allows high privileged attacker having SYSDBA privilege with network access via Oracle Net to compromise Unified Audit. Successful attacks of this vulnerability can result in unauthorize
nvd
CVE-2023-21949 | LOW | CVSS 3.7 | ≥ 19.3, ≤ 19.19; ≥ 21.3, ≤ 21.10 | 2023-07-18
Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 19.3-19.19 and 21.3-21.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attacks of this vulnerability can result in unauthoriz
nvd
CVE-2023-22052 | LOW | CVSS 3.1 | ≥ 19.3, ≤ 19.19; ≥ 21.3, ≤ 21.10 | 2023-07-18
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 19.3-19.19 and 21.3-21.10. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can r
nvd
CVE-2023-21893 | HIGH | CVSS 7.5 | CWE-284 | v19c, v21c | 2023-01-18
Vulnerability in the Oracle Data Provider for .NET component of Oracle Database Server. Supported versions that are affected are 19c and 21c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TCPS to compromise Oracle Data Provider for .NET. Successful attacks require human interaction from a person other than
nvd
CVE-2022-21606 | MEDIUM | CVSS 6.1 | CWE-79 | v19c | 2022-10-18
Vulnerability in the Oracle Services for Microsoft Transaction Server component of Oracle Database Server. The supported version that is affected is 19c. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Services for Microsoft Transaction Server. Successful attacks require human interac
nvd
CVE-2022-21393 | MEDIUM | CVSS 4.3 | v12.1.0.2, v12.2.0.1, +2 more | 2022-01-19
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 19c and 21c. Easily exploitable vulnerability allows low privileged attacker having Create Procedure privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthor
nvd
CVE-2022-21247 | LOW | CVSS 2.7 | v12.2.0.1, v19c | 2022-01-19
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Session, Execute Catalog Role privilege with network access via Oracle Net to compromise Core RDBMS. Successful attacks of this vulnerability can result in
nvd
CVE-2021-2332 | MEDIUM | CVSS 6.7 | v12.1.0.2, v12.2.0.1, +1 more | 2021-10-20
Vulnerability in the Oracle LogMiner component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA privilege with network access via Oracle Net to compromise Oracle LogMiner. Successful attacks of this vulnerability can result in unauthorize
nvd
CVE-2021-35576 | LOW | CVSS 2.7 | v12.1.0.2, v12.2.0.1, +1 more | 2021-10-20
Vulnerability in the Oracle Database Enterprise Edition Unified Audit component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows high privileged attacker having Local Logon privilege with network access via Oracle Net to compromise Oracle Database Enterprise Edition Unified
nvd
CVE-2021-2234 | MEDIUM | CVSS 5.3 | v12.1.0.2, v12.2.0.1, +2 more | 2021-04-22
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Java VM. Successful attacks of this vulnerability can result in unauthoriz
nvd
CVE-2021-2173 | MEDIUM | CVSS 4.1 | v12.1.0.2, v12.2.0.1, +2 more | 2021-04-22
Vulnerability in the Recovery component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA Level Account privilege with network access via Oracle Net to compromise Recovery. While the vulnerability is in Recovery, attacks may significa
nvd
CVE-2021-2175 | LOW | CVSS 2.7 | v12.1.0.2, v12.2.0.1, +2 more | 2021-04-22
Vulnerability in the Database Vault component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Any View, Select Any View privilege with network access via Oracle Net to compromise Database Vault. Successful attacks of this vulnerabil
nvd
CVE-2021-1993 | MEDIUM | CVSS 4.8 | v12.1.0.2, v12.2.0.1, +2 more | 2021-01-20
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Java VM. Successful attacks require human interaction from a person other
nvd
CVE-2021-2000 | LOW | CVSS 2.4 | v12.1.0.2, v12.2.0.1, +2 more | 2021-01-20
Vulnerability in the Unified Audit component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having SYS Account privilege with network access via Oracle Net to compromise Unified Audit. Successful attacks require human interaction from a person ot
nvd
CVE-2020-2968 | HIGH | CVSS 8.0 | v11.2.0.4, v12.1.0.2, +3 more | 2020-07-15
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise Java VM. Successful attacks require huma
nvd
CVE-2020-2969 | MEDIUM | CVSS 6.6 | v11.2.0.4, v12.1.0.2, +3 more | 2020-07-15
Vulnerability in the Data Pump component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows high privileged attacker having DBA role account privilege with network access via Oracle Net to compromise Data Pump. Successful attacks of this vulnerability can res
nvd