Oracle Database vulnerabilities

5 known vulnerabilities affecting oracle/oracle_database.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM3LOW1

Vulnerabilities

Page 1 of 1
CVE-2017-3310CRITICALCVSS 9.0v11.2.0.4v12.1.0.22017-01-27
CVE-2017-3310 [CRITICAL] CVE-2017-3310: Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Create Session, Create Procedure privilege with network access via multiple protocols to compromise OJVM. Successful attacks require human interaction from a pers
cvelistv5nvd
CVE-2017-3240LOWCVSS 3.3v12.1.0.22017-01-27
CVE-2017-3240 [LOW] CWE-200 CVE-2017-3240: Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that Vulnerability in the RDBMS Security component of Oracle Database Server. The supported version that is affected is 12.1.0.2. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where RDBMS Security executes to compromise RDBMS Security. Successful attacks of this vulnerability can r
cvelistv5nvd
CVE-2008-2611MEDIUMCVSS 4.0v9.0.1.5v9.2.0.8+2 more2008-07-15
CVE-2008-2611 [MEDIUM] CVE-2008-2611: Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2 Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors.
nvd
CVE-2008-2600MEDIUMCVSS 6.5v11.1.0.62008-07-15
CVE-2008-2600 [MEDIUM] CVE-2008-2600: Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5, 10.2.0.3, and Unspecified vulnerability in the Oracle Spatial component in Oracle Database 10.1.0.5, 10.2.0.3, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to MDSYS.SDO_TOPO_MAP.
nvd
CVE-2008-2592MEDIUMCVSS 5.5v9.0.1.5v9.2.0.8+2 more2008-07-15
CVE-2008-2592 [MEDIUM] CVE-2008-2592: Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9. Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.0.1.5 FIPS+, 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.6 has unknown impact and remote authenticated attack vectors related to SYS.DBMS_DEFER_SYS. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on reliable research
nvd
Oracle Database vulnerabilities | cvebase