Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle database server 9.0 vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2002-0564
PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote malicious users to bypass authentication for a Database Access Descriptor (DAD) by modifying the URL to reference an alternate DAD that already has valid credentials.
Oracle Oracle9i 9.0.1
Oracle Application Server Web Cache 2.0.0.2
Oracle Oracle9i 9.0
Oracle Oracle8i 8.1.7.1
Oracle Oracle8i 8.1.7
Oracle Application Server Web Cache 2.0.0.1
Oracle Application Server Web Cache 2.0.0.0
Oracle Application Server 1.0.2
Oracle Application Server Web Cache 2.0.0.3
5
CVSSv2
CVE-2020-11612
The ZlibDecoders in Netty 4.1.x prior to 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder.
Netty Netty
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 33
Netapp Oncommand Workflow Automation -
Netapp Oncommand Insight -
Netapp Oncommand Api Services -
Oracle Webcenter Portal 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.4.0
Oracle Nosql Database
Oracle Communications Messaging Server 8.1
Oracle Communications Design Studio 7.4.2
Oracle Communications Brm - Elastic Charging Engine 12.0.0.3
Oracle Communications Cloud Native Core Service Communication Proxy 1.5.2
Oracle Siebel Core - Server Framework
7.5
CVSSv2
CVE-2018-14719
FasterXML jackson-databind 2.x prior to 2.9.7 might allow remote malicious users to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Primavera Unifier 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 16.2
Oracle Primavera P6 Enterprise Project Portfolio Management 15.1
Oracle Database Server 12.1.0.2
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Database Server 11.2.0.4
Oracle Primavera P6 Enterprise Project Portfolio Management 16.1
Oracle Jdeveloper 12.1.3.0.0
Oracle Primavera P6 Enterprise Project Portfolio Management 15.2
Oracle Retail Merchandising System 16.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Database Server 12.2.0.1
Oracle Business Process Management Suite 12.1.3.0.0
Oracle Business Process Management Suite 12.2.1.3.0
Oracle Primavera P6 Enterprise Project Portfolio Management
Oracle Primavera P6 Enterprise Project Portfolio Management 18.8
Oracle Database Server 18c
Oracle Communications Billing And Revenue Management 7.5
4.3
CVSSv2
CVE-2021-36221
Go prior to 1.15.15 and 1.16.x prior to 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort.
Golang Go
Fedoraproject Fedora 33
Fedoraproject Fedora 34
Fedoraproject Fedora 35
Debian Debian Linux 9.0
Oracle Timesten In-memory Database
Siemens Scalance Lpe9403 Firmware
4.3
CVSSv2
CVE-2019-0201
An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any permission when retrieves the ACLs of the requested node and returns all information contained in the ACL Id field as plaintext string...
Apache Zookeeper 3.5.3
Apache Zookeeper 3.5.0
Apache Zookeeper
Apache Zookeeper 3.5.1
Apache Zookeeper 3.5.2
Apache Zookeeper 3.5.4
Apache Drill 1.16.0
Apache Activemq 5.15.9
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Redhat Fuse 1.0.0
Oracle Goldengate Stream Analytics
Oracle Siebel Core - Server Framework
Oracle Timesten In-memory Database
Netapp Hci Bootstrap Os -
Netapp Element Software -
1 Article
7.5
CVSSv2
CVE-2019-16942
A Polymorphic Typing issue exists in FasterXML jackson-databind 2.0.0 up to and including 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, a...
Fasterxml Jackson-databind
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Jboss Enterprise Application Platform 7.3
Netapp Steelstore Cloud Integrated Storage -
Netapp Oncommand Workflow Automation -
Netapp Service Level Manager -
Netapp Oncommand Api Services -
Netapp Active Iq Unified Manager
Oracle Primavera Unifier 16.2
Oracle Banking Platform 2.4.0
Oracle Jd Edwards Enterpriseone Tools 9.2
Oracle Banking Platform 2.4.1
Oracle Banking Platform 2.5.0
Oracle Primavera Unifier 16.1
Oracle Weblogic Server 12.2.1.3.0
Oracle Webcenter Portal 12.2.1.3.0
Oracle Database Server 12.2.0.1
2 Github repositories
4.4
CVSSv2
CVE-2020-9484
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; a...
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Apache Tomcat
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 20.04
Oracle Transportation Management 6.3.7
Oracle Hospitality Guest Access 4.2.0
Oracle Hospitality Guest Access 4.2.1
Oracle Managed File Transfer 12.2.1.3.0
Oracle Retail Order Broker 15.0
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Database 12.2.0.1
Oracle Instantis Enterprisetrack
Oracle Communications Instant Messaging Server 10.0.1.4.0
18 Github repositories
7.5
CVSSv2
CVE-2002-0571
Oracle Oracle9i database server 9.0.1.x allows local users to access restricted data via a SQL query using ANSI outer join syntax.
Oracle Oracle9i 9.0.1
Oracle Oracle9i 9.0
7.5
CVSSv2
CVE-2005-1495
Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for malicious users to escape detection.
Oracle Oracle10g Personal 10.1.0.3
Oracle Oracle10g Standard 10.1.0.3.1
Oracle Oracle9i 9.0.1
Oracle Oracle9i 9.0.2
Oracle Oracle9i Release 2 9.2.1
Oracle Application Server 10.1.0.3
Oracle Oracle10g Enterprise 10.1.0.3
Oracle Oracle9i 9.0
Oracle Oracle9i 9.2.0.1
Oracle Oracle9i 9.2.0.2
Oracle Oracle10g Enterprise 10.1.0.3.1
Oracle Oracle10g Standard 10.1.0.2
Oracle Oracle9i Release 2 9.2.2
Oracle Oracle10g Personal 10.1.0.3.1
Oracle Oracle9i 9.0.1.3
Oracle Oracle10g Personal 10.1.0.2
Oracle Oracle10g Standard 10.1.0.3
Oracle Oracle9i 9.0.1.2
Oracle Oracle10g Enterprise 10.1.0.2
Oracle Application Server 10.1.0.2
Oracle Application Server 10.1.0.3.1
Oracle Oracle9i 9.0.1.4
7.5
CVSSv2
CVE-2002-0965
Buffer overflow in TNS Listener for Oracle 9i Database Server on Windows systems, and Oracle 8 on VM, allows local users to execute arbitrary code via a long SERVICE_NAME parameter, which is not properly handled when writing an error message to a log file.
Oracle Oracle9i 9.0.1
Oracle Oracle9i 9.0.2
Oracle Oracle9i 9.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29824
CVE-2024-30095
CVE-2024-30104
client side
CVE-2024-5840
CVE-2024-34405
unprivileged
wireless
CVE-2024-4577
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »