Oracle Database Server vulnerabilities

CVE-2016-3562 [LOW] CWE-200 CVE-2016-3562: Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11 Unspecified vulnerability in the RDBMS Security and SQL*Plus components in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote administrators to affect confidentiality via vectors related to DBA.

CVE-2016-2381 [HIGH] CWE-20 CVE-2016-2381: Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child pro Perl might allow context-dependent attackers to bypass the taint protection mechanism in a child process via duplicate environment variables in envp.

CVE-2016-0499 [CRITICAL] CVE-2016-0499: Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-4794.

CVE-2016-0472 [MEDIUM] CVE-2016-0472: Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12 Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality and availability via unknown vectors.

CVE-2015-4925 [MEDIUM] CVE-2015-4925: Unspecified vulnerability in the Workspace Manager component in Oracle Database Server 11.2.0.4 allo Unspecified vulnerability in the Workspace Manager component in Oracle Database Server 11.2.0.4 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2016-0467 [MEDIUM] CVE-2016-0467: Unspecified vulnerability in the Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, an Unspecified vulnerability in the Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect integrity via unknown vectors.

CVE-2015-4923 [MEDIUM] CVE-2015-4923: Unspecified vulnerability in the XML Developer's Kit for C component in Oracle Database Server 11.2. Unspecified vulnerability in the XML Developer's Kit for C component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect availability via unknown vectors.

CVE-2016-0461 [MEDIUM] CVE-2016-0461: Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12 Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect availability via unknown vectors.

CVE-2015-4921 [MEDIUM] CVE-2015-4921: Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0 Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect integrity via unknown vectors.

CVE-2015-4796 [CRITICAL] CVE-2015-4796: Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2, when running on Windows, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-4888.

CVE-2015-4794 [CRITICAL] CVE-2015-4794: Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2015-4863 [CRITICAL] CVE-2015-4863: Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4, Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2015-4873 [HIGH] CVE-2015-4873: Unspecified vulnerability in the Database Scheduler component in Oracle Database Server 11.2.0.4, 12 Unspecified vulnerability in the Database Scheduler component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2015-4857 [MEDIUM] CVE-2015-4857: Unspecified vulnerability in the RDBMS component in Oracle Database Server 12.1.0.1 and 12.1.0.2 all Unspecified vulnerability in the RDBMS component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

CVE-2015-4900 [MEDIUM] CVE-2015-4900: Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12 Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2015-4888 [MEDIUM] CVE-2015-4888: Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-4796.

CVE-2015-2629 [CRITICAL] CVE-2015-2629: Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11. Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0457.

CVE-2015-4740 [MEDIUM] CVE-2015-4740: Unspecified vulnerability in the RDBMS Partitioning component in Oracle Database Server 11.1.0.7, 11 Unspecified vulnerability in the RDBMS Partitioning component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2015-2595 [MEDIUM] CVE-2015-2595: Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 12.1.0.1 and 12.1.0 Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

CVE-2015-0468 [MEDIUM] CVE-2015-0468: Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.