Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
application server 10g vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2006-6697
CRLF injection vulnerability in webapp/jsp/calendar.jsp in Oracle Portal 10g and previous versions, including 9.0.2, allows remote malicious users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the enc parameter.
Oracle Application Server Portal 10g
Oracle Application Server Portal 9.0.2
1 EDB exploit
5
CVSSv2
CVE-2008-2138
Oracle Application Server (OracleAS) Portal 10g allows remote malicious users to bypass intended access restrictions and read the contents of /dav_portal/portal/ by sending a request containing a trailing "%0A" (encoded line feed), then using the session ID that is gene...
Oracle Application Server Portal 10g
1 EDB exploit
10
CVSSv2
CVE-2005-3460
Unspecified vulnerability in Oracle Agent in Oracle Enterprise Manager 9.0.4.1 up to 10.1.0.4 has unknown impact and attack vectors, as identified by Oracle Vuln# EM01.
Oracle Enterprise Manager Application Server Control 9.0.4.1
Oracle Enterprise Manager Application Server Control 9.0.4.2
Oracle 10g Enterprise Manager Database Control 10.1.0.3
Oracle 10g Enterprise Manager Database Control 10.1.0.4
7.5
CVSSv2
CVE-2006-0586
Multiple SQL injection vulnerabilities in Oracle 10g Release 1 before CPU Jan 2006 allow remote malicious users to execute arbitrary SQL commands via multiple parameters in (1) ATTACH_JOB, (2) HAS_PRIVS, and (3) OPEN_JOB functions in the SYS.KUPV$FT package; and (4) UPDATE_JOB, (...
Oracle Oracle10g Personal 10.1.0.3
Oracle Application Server 10.1.2.0.2
Oracle Oracle10g Standard 10.1.0.3.1
Oracle Application Server 10.1.2.1.0
Oracle Application Server 10.1.0.3
Oracle Oracle10g Enterprise 10.1.0.4
Oracle Oracle10g Enterprise 10.1.0.3
Oracle Oracle10g Enterprise 10.1.0.3.1
Oracle Oracle10g Standard 10.1.0.2
Oracle Oracle10g Standard 10.1.0.4
Oracle Application Server 10.1.2.0.1
Oracle Oracle10g Personal 10.1.0.2
Oracle Oracle10g Standard 10.1.0.3
Oracle Oracle10g Standard 10.1.0.5
Oracle Oracle10g Personal 10.10.3.1
Oracle Application Server 10.1.0.4
Oracle Oracle10g Enterprise 10.1.0.2
Oracle Application Server 10.1.0.2
Oracle Oracle10g Standard 10.1.0.4.2
Oracle Application Server 10.1.0.3.1
Oracle Application Server 10.1.2
Oracle Oracle10g Personal 10.1.0.4
3 EDB exploits
4.3
CVSSv2
CVE-2007-1506
Cross-site scripting (XSS) vulnerability in PORTAL.wwv_main.render_warning_screen in the Oracle Portal 10g allows remote malicious users to inject arbitrary web script or HTML via the (1) p_oldurl and (2) p_newurl parameters.
Oracle Application Server Portal
1 EDB exploit
10
CVSSv2
CVE-2006-0287
Unspecified vulnerability in the Oracle HTTP Server component of Oracle Database Server 10.1.0.5 and Application Server 10.1.2.0.2 has unspecified impact and attack vectors, as identified by Oracle Vuln# OHS02.
Oracle Database Server 10.1.0.5
Oracle Application Server 10.1.2.0.2
1 EDB exploit
10
CVSSv2
CVE-2006-1884
Unspecified vulnerability in the Oracle Thesaurus Management System component in Oracle E-Business Suite and OPA 4.5.2 Applications has unknown impact and attack vectors, aka Vuln# OPA01.
Oracle Application Server 10.1.2.0.0
Oracle Application Server 10.1.2.0.1
Oracle Collaboration Suite 10g Release 1 10.1.1
Oracle Collaboration Suite 10g Release 1 10.1.2.0
Oracle Database Server 8.1.7.4
Oracle Database Server 9.0.1.4
Oracle E-business Suite 11.5.1
Oracle E-business Suite 11.5.10
Oracle Peoplesoft Enterprise Tools 8.46
Oracle Peoplesoft Enterprise Tools 8.47.04
Jdedwards Enterpriseone Tools 8.95
Oracle Application Server 10.1.2.0.2
Oracle Application Server 10.1.2.1.0
Oracle Collaboration Suite 10g Release 1 10.1.2.1
Oracle Database Server 10.2.0.1
Oracle Database Server 9.0.1.5
Oracle Database Server 9.2.0.6
Oracle E-business Suite 11.5.10.1
Oracle E-business Suite 11.5.10.2
Oracle Peoplesoft Enterprise Tools 8.47
Oracle Pharmaceutical 4.5.0
Oneworld Oneworld Tools 8.95.j1
7.2
CVSSv2
CVE-2004-1363
Buffer overflow in extproc in Oracle 10g allows remote malicious users to execute arbitrary code via environment variables in the library name, which are expanded after the length check is performed.
Oracle Database Server 8.1.7.4
Oracle Application Server 9.0.2.1
Oracle Application Server
Oracle Database Server 9.0.1.5
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Enterprise Manager 9.0.1
Oracle Database Server 9.0.4
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Database Server 9.2.0.4
Oracle Application Server 9.0.2.3
Oracle E-business Suite 11.5.2
Oracle Application Server 9.0.4.1
Oracle E-business Suite 11.5.7
Oracle Database Server 10.1.0.2
Oracle Application Server 9.0.2.0.1
Oracle Application Server 9.0.4.0
Oracle E-business Suite 11.5.1
Oracle Enterprise Manager 9
Oracle Application Server 9.0.2.2
Oracle Application Server 9.0.2
5
CVSSv2
CVE-2008-2595
Unspecified vulnerability in the Oracle Internet Directory component in Oracle Application Server 9.0.4.3, 10.1.2.3, and 10.1.4.2 has unknown impact and remote attack vectors. NOTE: the previous information was obtained from the Oracle July 2008 CPU. Oracle has not commented on r...
Oracle Database 10g 10.1.2.3
Oracle Database 10g 10.1.4.2
Oracle Database 9i 9.0.4.3
1 EDB exploit
10
CVSSv2
CVE-2004-0385
Heap-based buffer overflow in Oracle 9i Application Server Web Cache 9.0.4.0.0, 9.0.3.1.0, 9.0.2.3.0, and 9.0.0.4.0 allows remote malicious users to execute arbitrary code via a long HTTP request method header to the Web Cache listener. NOTE: due to the vagueness of the Oracle ad...
Oracle Application Server Web Cache 9.0.0.4.0
Oracle Application Server Web Cache 9.0.2.3.0
Oracle Application Server Web Cache 9.0.3.1.0
Oracle Application Server Web Cache 9.0.4.0.0
Oracle E-business Suite 11i
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »