Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle oracle9i 9.0 vulnerabilities and exploits
(subscribe to this query)
187
VMScore
CVE-2002-0568
Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory.
Oracle Application Server 1.0.2
Oracle Oracle8i 8.1.7
Oracle Oracle8i 8.1.7.1
Oracle Oracle9i 9.0
Oracle Oracle9i 9.0.1
409
VMScore
CVE-2003-0894
Buffer overflow in the (1) oracle and (2) oracleO programs in Oracle 9i Database 9.0.x and 9.2.x prior to 9.2.0.4 allows local users to execute arbitrary code via a long command line argument.
Oracle Oracle9i Standard 9.0
Oracle Oracle9i Standard 9.0.1
Oracle Oracle9i Standard 9.0.1.2
Oracle Oracle9i Standard 9.0.1.3
Oracle Oracle9i Personal 9.0.1
Oracle Oracle9i Personal 9.2.0.4
Oracle Oracle9i Standard 9.2.0.4
Oracle Oracle9i Enterprise 9.0.1
Oracle Oracle9i Enterprise 9.2.0.4
Oracle Oracle9i Standard 9.0.1.4
Oracle Oracle9i Standard 9.0.2
668
VMScore
CVE-2005-1495
Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for malicious users to escape detection.
Oracle Oracle10g Personal 10.1.0.2
Oracle Oracle10g Personal 10.1.0.3
Oracle Oracle9i 9.0.1.2
Oracle Oracle9i 9.0.1.3
Oracle Application Server 10.1.0.3.1
Oracle Oracle10g Enterprise 10.1.0.2
Oracle Oracle10g Standard 10.1.0.3
Oracle Oracle10g Standard 10.1.0.3.1
Oracle Oracle9i 9.2.0.1
Oracle Oracle9i 9.2.0.2
Oracle Oracle10g Enterprise 10.1.0.3
Oracle Oracle10g Enterprise 10.1.0.3.1
Oracle Oracle9i 9.0
Oracle Oracle9i 9.0.1
Oracle Oracle9i Release 2 9.2.1
Oracle Oracle9i Release 2 9.2.2
Oracle Application Server 10.1.0.2
Oracle Application Server 10.1.0.3
Oracle Oracle10g Personal 10.1.0.3.1
Oracle Oracle10g Standard 10.1.0.2
Oracle Oracle9i 9.0.1.4
Oracle Oracle9i 9.0.2
445
VMScore
CVE-2002-1118
TNS Listener in Oracle Net Services for Oracle 9i 9.2.x and 9.0.x, and Oracle 8i 8.1.x, allows remote malicious users to cause a denial of service (hang or crash) via a SERVICE_CURLOAD command.
Oracle Oracle8i 8.1.7
Oracle Oracle8i 8.1.7.0.0 Enterprise
Oracle Oracle8i 8.1.7.1
Oracle Oracle8i 8.1.7.1.0 Enterprise
Oracle Oracle8i 8.1.5
Oracle Oracle8i 8.1.5.0.0 Enterprise
Oracle Oracle8i 8.1.5.0.2 Enterprise
Oracle Oracle9i 9.0.2
Oracle Oracle9i Release 2 9.2.1
Oracle Oracle9i Release 2 9.2.2
Oracle Oracle8i 8.1.6
Oracle Oracle8i 8.1.6.1.0 Enterprise
Oracle Oracle9i 9.0
Oracle Oracle9i 9.0.1.2
Oracle Oracle8i 8.1.5.1.0 Enterprise
Oracle Oracle8i 8.1.6.0.0 Enterprise
Oracle Oracle9i 9.0.1
Oracle Oracle9i 9.0.1 3
725
VMScore
CVE-2004-1707
The (1) dbsnmp and (2) nmo programs in Oracle 8i, Oracle 9i, and Oracle IAS 9.0.2.0.1, on Unix systems, use a default path to find and execute library files while operating at raised privileges, which allows certain Oracle user accounts to gain root privileges via a modified libc...
Oracle Application Server 1.0.2.2.2
Oracle Application Server 9.0.2
Oracle Application Server 9.0.3.1
Oracle Application Server Portal 3.0.9.8.5
Oracle Oracle8i Enterprise 8.0.5 .0.0
Oracle Oracle8i Enterprise 8.0.6 .0.0
Oracle Oracle8i Enterprise 8.0.6 .0.1
Oracle Oracle8i Enterprise 8.1.7 .1.0
Oracle Oracle8i Standard 8.0.6
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Client 9.2.0.1
Oracle Oracle9i Enterprise 9.2.0.3
Oracle Oracle9i Enterprise 9.2.0.4
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.3
Oracle Oracle9i Standard 9.0.1.5
Oracle Oracle9i Standard 9.0.2
Oracle Application Server
Oracle Application Server 1.0.2
Oracle Application Server 9.0.2.1
Oracle Application Server 9.0.2.2
Oracle Application Server Portal 9.0.2.3b
1 EDB exploit
801
VMScore
CVE-2003-0222
Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and previous versions allows malicious users to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter.
Oracle Database Server 7.3.3
Oracle Database Server 7.3.4
Oracle Database Server 8.0.6
Oracle Database Server 8.1.5
Oracle Database Server 8.1.6
Oracle Oracle8i 8.1.5
Oracle Oracle8i 8.1.6
Oracle Oracle9i 9.0.1.2
Oracle Oracle9i 9.0.1.3
Oracle Database Server 8.0.1
Oracle Database Server 8.0.2
Oracle Database Server 8.1.7
Oracle Database Server 9.2.1
Oracle Oracle8i 8.1.7
Oracle Oracle8i 8.1.7.1
Oracle Oracle9i 9.0.1.4
Oracle Oracle9i 9.0.2
Oracle Database Server 8.0.3
Oracle Database Server 8.0.4
Oracle Database Server 9.2.2
Oracle Oracle8i 8.0.6
Oracle Oracle8i 8.1.7.4
445
VMScore
CVE-2002-0562
The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote malicious users to gain sensitive information including usernames and passwords via a direct HTTP request to globals.jsa.
Oracle Oracle9i 9.0.1
Oracle Application Server 1.0.2
Oracle Application Server Web Cache 2.0.0.0
Oracle Application Server Web Cache 2.0.0.3
Oracle Oracle9i 9.0
Oracle Application Server Web Cache 2.0.0.1
Oracle Application Server Web Cache 2.0.0.2
445
VMScore
CVE-2002-0565
Oracle 9iAS 1.0.2.x compiles JSP files in the _pages directory with world-readable permissions under the web root, which allows remote malicious users to obtain sensitive information derived from the JSP code, including usernames and passwords, via a direct HTTP request to _pages...
Oracle Application Server Web Cache 2.0.0.3
Oracle Oracle9i 9.0
Oracle Oracle9i 9.0.1
Oracle Application Server Web Cache 2.0.0.0
Oracle Application Server Web Cache 2.0.0.1
Oracle Application Server Web Cache 2.0.0.2
Oracle Application Server 1.0.2
668
VMScore
CVE-2002-0559
Buffer overflows in PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allow remote malicious users to cause a denial of service or execute arbitrary code via (1) a long help page request without a dadname, which overflows the resulting HTTP Location header, (2) a lo...
Oracle Application Server Web Cache 2.0.0.2
Oracle Application Server Web Cache 2.0.0.3
Oracle Oracle8i 8.1.7
Oracle Oracle8i 8.1.7.1
Oracle Application Server Web Cache 2.0.0.0
Oracle Application Server Web Cache 2.0.0.1
Oracle Application Server 1.0.2
Oracle Oracle9i 9.0
Oracle Oracle9i 9.0.1
445
VMScore
CVE-2002-0560
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote malicious users to obtain sensitive information via the OWA_UTIL stored procedures (1) OWA_UTIL.signature, (2) OWA_UTIL.listprint, or (3) OWA_UTIL.show_query_columns.
Oracle Application Server Web Cache 2.0.0.0
Oracle Application Server Web Cache 2.0.0.1
Oracle Application Server Web Cache 2.0.0.2
Oracle Application Server Web Cache 2.0.0.3
Oracle Oracle8i 8.1.7
Oracle Application Server 1.0.2
Oracle Oracle9i 9.0.1
Oracle Oracle8i 8.1.7.1
Oracle Oracle9i 9.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »