Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle9i vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2002-0965
Buffer overflow in TNS Listener for Oracle 9i Database Server on Windows systems, and Oracle 8 on VM, allows local users to execute arbitrary code via a long SERVICE_NAME parameter, which is not properly handled when writing an error message to a log file.
Oracle Oracle9i 9.0.2
Oracle Oracle9i 9.0
Oracle Oracle9i 9.0.1
1 EDB exploit
7.5
CVSSv2
CVE-2003-0634
Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name.
Oracle Oracle8i Enterprise 8.1.5 .1.0
Oracle Oracle8i Enterprise 8.1.6 .0.0
Oracle Oracle8i Standard 8.1.7 .0.0
Oracle Oracle8i Standard 8.1.7 .1
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Standard 9.2.0.1
Oracle Oracle9i Standard 9.2.0.2
Oracle Oracle8i Enterprise 8.1.7 .1.0
Oracle Oracle8i Standard 8.1.5
Oracle Oracle9i Enterprise 9.0.1
Oracle Oracle9i Enterprise 9.2.0.1
Oracle Oracle9i Standard 9.0.1.2
Oracle Oracle9i Standard 9.0.1.3
Oracle Oracle8i Enterprise 8.1.6 .1.0
Oracle Oracle8i Enterprise 8.1.7 .0.0
Oracle Oracle9i Client 9.2.0.1
Oracle Oracle9i Client 9.2.0.2
Oracle Oracle9i Standard 9.0
Oracle Oracle9i Standard 9.0.1
Oracle Oracle8i Enterprise 8.1.5 .0.0
7.5
CVSSv2
CVE-2005-3641
Oracle Databases running on Windows XP with Simple File Sharing enabled, allows remote malicious users to bypass authentication by supplying a valid username.
Oracle Database Server 7.0.64
Oracle Database Server 8.0.3
Oracle Database Server 8.0.5
Oracle Database Server 8.1.6
Oracle Database Server 8.1.7.4
Oracle Oracle10g Enterprise 10.1.0.3.1
Oracle Oracle10g Enterprise 9.0.4.0
Oracle Oracle10g Standard 10.1.0.3
Oracle Oracle10g Standard 10.1.0.4
Oracle Oracle8i Enterprise 8.0.6.0.1
Oracle Oracle8i Enterprise 8.1.5.0.2
Oracle Oracle8i Enterprise 8.1.6.0.0
Oracle Oracle8i Standard 8.0.6
Oracle Oracle8i Standard 8.1.5
Oracle Oracle9i Enterprise 9.0.1
Oracle Oracle9i Enterprise 9.0.1.5
Oracle Oracle9i Enterprise 9.2.0.1
Oracle Oracle9i Enterprise 9.2.0.3
Oracle Oracle9i Enterprise 9.2.0.6
Oracle Oracle9i Personal 9.0.1.5 Fips
Oracle Oracle9i Personal 9.0.4
Oracle Oracle9i Standard 8.1.7
6.5
CVSSv2
CVE-2004-0637
Oracle Database Server 8.1.7.4 up to and including 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible.
Oracle Oracle9i Standard 9.0.1.3
Oracle Oracle8i Enterprise 8.1.7 .4
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Enterprise 9.2.0.4
Oracle Oracle9i Personal 9.2.0.4
Oracle Oracle9i Standard 9.2.0.4
1 EDB exploit
7.5
CVSSv2
CVE-2005-1495
Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for malicious users to escape detection.
Oracle Oracle10g Personal 10.1.0.2
Oracle Oracle10g Personal 10.1.0.3
Oracle Oracle9i 9.0.1.2
Oracle Oracle9i 9.0.1.3
Oracle Application Server 10.1.0.3.1
Oracle Oracle10g Enterprise 10.1.0.2
Oracle Oracle10g Standard 10.1.0.3
Oracle Oracle10g Standard 10.1.0.3.1
Oracle Oracle9i 9.2.0.1
Oracle Oracle9i 9.2.0.2
Oracle Oracle10g Enterprise 10.1.0.3
Oracle Oracle10g Enterprise 10.1.0.3.1
Oracle Oracle9i 9.0
Oracle Oracle9i 9.0.1
Oracle Oracle9i Release 2 9.2.1
Oracle Oracle9i Release 2 9.2.2
Oracle Application Server 10.1.0.2
Oracle Application Server 10.1.0.3
Oracle Oracle10g Personal 10.1.0.3.1
Oracle Oracle10g Standard 10.1.0.2
Oracle Oracle9i 9.0.1.4
Oracle Oracle9i 9.0.2
5
CVSSv2
CVE-2002-0509
Transparent Network Substrate (TNS) Listener in Oracle 9i 9.0.1.1 allows remote malicious users to cause a denial of service (CPU consumption) via a single malformed TCP packet to port 1521.
Oracle Oracle9i 9.0
Oracle Oracle9i 9.0.1
7.5
CVSSv2
CVE-2002-0571
Oracle Oracle9i database server 9.0.1.x allows local users to access restricted data via a SQL query using ANSI outer join syntax.
Oracle Oracle9i 9.0
Oracle Oracle9i 9.0.1
7.5
CVSSv2
CVE-2003-1193
Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hierarchy, and (4) XML components packages in Oracle Oracle9i Application Server 9.0.2.00 up to and including 3.0.9.8.5 allow remote malicious users to execute arbitrary SQL commands...
Oracle Application Server Portal 3.0.9.8.5
Oracle Application Server Portal 9.0.2.3
Oracle Oracle9i 9.0.2.2
Oracle Oracle9i 9.0.2.3
Oracle Application Server Portal 9.0.2.3a
Oracle Application Server Portal 9.0.2.3b
Oracle Oracle9i 9.0.2
Oracle Oracle9i 9.0.2.0.0
Oracle Oracle9i 9.0.2.0.1
Oracle Oracle9i 9.0.2.1
7.2
CVSSv2
CVE-2004-1707
The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libc...
Oracle Application Server 1.0.2.2.2
Oracle Application Server 9.0.2
Oracle Application Server 9.0.3.1
Oracle Application Server Portal 3.0.9.8.5
Oracle Oracle8i Enterprise 8.0.5 .0.0
Oracle Oracle8i Enterprise 8.0.6 .0.0
Oracle Oracle8i Enterprise 8.0.6 .0.1
Oracle Oracle8i Enterprise 8.1.7 .1.0
Oracle Oracle8i Standard 8.0.6
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Client 9.2.0.1
Oracle Oracle9i Enterprise 9.2.0.3
Oracle Oracle9i Enterprise 9.2.0.4
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.3
Oracle Oracle9i Standard 9.0.1.5
Oracle Oracle9i Standard 9.0.2
Oracle Application Server
Oracle Application Server 1.0.2
Oracle Application Server 9.0.2.1
Oracle Application Server 9.0.2.2
Oracle Application Server Portal 9.0.2.3b
1 EDB exploit
10
CVSSv2
CVE-2003-0095
Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote malicious users to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demons...
Oracle Oracle9i 9.0.1
Oracle Oracle9i 9.0.1.2
Oracle Database Server 8.0.6
Oracle Database Server 9.2.1
Oracle Oracle9i 9.0.1.3
Oracle Oracle9i 9.0.2
Oracle Database Server 9.2.2
Oracle Oracle8i 8.1.7
Oracle Oracle8i 8.1.7.1
Oracle Oracle9i 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »