Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle database server 9.2.0.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-5897
Buffer overflow in MDSYS.SDO_CS in Oracle Database Server 8iR3, 9iR1, 9iR2 up to 9.2.0.6, and 10gR1 up to 10.1.0.4 allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via the TRANSFORM function. NOTE: this issue might already be cover...
Oracle Database Server 10.1.0.3
Oracle Database Server
Oracle Database Server 9.2.0.1
Oracle Database Server 9.2.0.4
Oracle Database Server 10.1.0.2
Oracle Database Server 9.2.0.2
Oracle Database Server 9.2.0.6
Oracle Database Server 9.2.0.3
Oracle Database Server 10.1.0.4
Oracle Database Server 9.2.0.5
NA
CVE-2005-3641
Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote malicious users to bypass authentication by supplying a valid username.
Oracle Oracle10g Personal 10.1.0.3
Oracle Oracle9i Standard 9.0.2
Oracle Database Server 8.0.5.1
Oracle Oracle8i Standard 8.1.7.4
Oracle Oracle8i Enterprise 8.1.5.0.0
Oracle Oracle10g Standard 10.1.0.3.1
Oracle Oracle9i Standard 9.0.1.4
Oracle Database Server 8.1.7.4
Oracle Oracle8i Enterprise 8.1.6.0.0
Oracle Oracle9i Personal 8.1.7
Oracle Database Server Lite 5.0
Oracle Oracle9i Personal 9.0.4
Oracle Oracle9i Enterprise 9.0.2.4
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Database Server 8.1.7
Oracle Oracle8i Standard 8.1.7.1
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Database Server 8.1.5
Oracle Oracle9i Personal 9.0.1.5
NA
CVE-2005-1495
Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for malicious users to escape detection.
Oracle Oracle10g Personal 10.1.0.3
Oracle Oracle10g Standard 10.1.0.3.1
Oracle Oracle9i 9.0.1
Oracle Oracle9i 9.0.2
Oracle Oracle9i Release 2 9.2.1
Oracle Application Server 10.1.0.3
Oracle Oracle10g Enterprise 10.1.0.3
Oracle Oracle9i 9.0
Oracle Oracle9i 9.2.0.1
Oracle Oracle9i 9.2.0.2
Oracle Oracle10g Enterprise 10.1.0.3.1
Oracle Oracle10g Standard 10.1.0.2
Oracle Oracle9i Release 2 9.2.2
Oracle Oracle10g Personal 10.1.0.3.1
Oracle Oracle9i 9.0.1.3
Oracle Oracle10g Personal 10.1.0.2
Oracle Oracle10g Standard 10.1.0.3
Oracle Oracle9i 9.0.1.2
Oracle Oracle10g Enterprise 10.1.0.2
Oracle Application Server 10.1.0.2
Oracle Application Server 10.1.0.3.1
Oracle Oracle9i 9.0.1.4
NA
CVE-2004-2244
The XML parser in Oracle 9i Application Server Release 2 9.0.3.0 and 9.0.3.1, 9.0.2.3 and previous versions, and Release 1 1.0.2.2 and 1.0.2.2.2, and Database Server Release 2 9.2.0.1 and later, allows remote malicious users to cause a denial of service (CPU and memory consumptio...
Oracle Oracle9i Standard 9.0.1.4
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Enterprise 9.2.0.2
Oracle Oracle9i Standard 9.2.0.1
Oracle Application Server 1.0.2.2.2
Oracle Application Server 9.0.3
Oracle Oracle9i Standard 9.2.0.2
Oracle Application Server 9.0.3.1
Oracle Oracle9i Personal 9.0.1.4
Oracle Oracle9i Enterprise 9.2.0.1
Oracle Application Server 1.0.2.2
Oracle Oracle9i Enterprise 9.0.1.4
NA
CVE-2004-1338
The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partially privileged actions: using CCBKAPPLROWTRIG or EXEC_CBK_FN_DML to add arbitrary functions to the SDO_CMT_DBK_FN_TABLE and SDO_CMT_CBK_DML_TABLE, then performing a DELETE on the S...
Oracle Oracle9i 9.0.2.2
Oracle Oracle9i 9.0.1
Oracle Oracle9i 9.0.2
Oracle Oracle9i 9.0
Oracle Oracle9i 9.2.0.1
Oracle Oracle9i 9.2.0.2
Oracle Oracle9i 9.0.1.3
Oracle Oracle9i 9.0.1.2
Oracle Oracle9i 9.0.2.0.0
Oracle Oracle9i 9.0.2.1
Oracle Oracle9i 9.0.2.3
Oracle Database Server 10.2.1
Oracle Oracle9i 9.0.1.4
Oracle Oracle9i 9.0.2.0.1
NA
CVE-2004-1339
SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracle 9i and 10g allows remote malicious users to execute arbitrary SQL commands via the new.table_name or new.column_name parameters.
Oracle Oracle9i 9.0.2.2
Oracle Oracle9i 9.0.1
Oracle Oracle9i 9.0.2
Oracle Oracle9i 9.0
Oracle Oracle9i 9.2.0.1
Oracle Oracle9i 9.2.0.2
Oracle Oracle9i 9.0.1.3
Oracle Oracle9i 9.0.1.2
Oracle Oracle9i 9.0.2.0.0
Oracle Oracle9i 9.0.2.1
Oracle Oracle9i 9.0.2.3
Oracle Database Server 10.2.1
Oracle Oracle9i 9.0.1.4
Oracle Oracle9i 9.0.2.0.1
NA
CVE-2004-1370
Multiple SQL injection vulnerabilities in PL/SQL procedures that run with definer rights in Oracle 9i and 10g allow remote malicious users to execute arbitrary SQL commands and gain privileges via (1) DBMS_EXPORT_EXTENSION, (2) WK_ACL.GET_ACL, (3) WK_ACL.STORE_ACL, (4) WK_ADM.COM...
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
NA
CVE-2004-1364
Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote malicious users to access arbitrary libraries outside of the $ORACLE_HOME\bin directory.
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
2 EDB exploits
NA
CVE-2004-1365
Extproc in Oracle 9i and 10g does not require authentication to load a library or execute a function, which allows local users to execute arbitrary commands as the Oracle user.
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
NA
CVE-2004-1366
Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges.
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Standard 9.0.2
Oracle Oracle9i Standard 9.0.1.4
Oracle Collaboration Suite Release 1
Oracle Application Server 9.0.2.1
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle9i Personal 8.1.7
Oracle Application Server
Oracle Oracle9i Client 9.2.0.2
Oracle Application Server 9.0.2.0.0
Oracle E-business Suite 11.5.5
Oracle Oracle9i Client 9.2.0.1
Oracle Enterprise Manager 9.0.1
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.5
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle Oracle8i Enterprise 8.1.5 .1.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »