Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
alexander kornbrust vulnerabilities and exploits
(subscribe to this query)
690
VMScore
CVE-2005-1381
Multiple cross-site scripting (XSS) vulnerabilities in Oracle Webcache 9i allow remote malicious users to inject arbitrary web script or HTML via the (1) cache_dump_file or (2) PartialPageErrorPage parameter.
Oracle Application Server Web Cache
2 EDB exploits
505
VMScore
CVE-2005-1382
The webcacheadmin module in Oracle Webcache 9i allows remote malicious users to corrupt arbitrary files via a full pathname in the cache_dump_file parameter.
Oracle Application Server Web Cache
1 EDB exploit
655
VMScore
CVE-2004-0637
Oracle Database Server 8.1.7.4 up to and including 9.2.0.4 allows local users to execute commands with additional privileges via the ctxsys.driload package, which is publicly accessible.
Oracle Oracle9i Standard 9.0.1.3
Oracle Oracle8i Enterprise 8.1.7 .4
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Enterprise 9.2.0.4
Oracle Oracle9i Personal 9.2.0.4
Oracle Oracle9i Standard 9.2.0.4
1 EDB exploit
505
VMScore
CVE-2005-3206
iSQL*Plus (isqlplus) for Oracle9i Database Server Release 2 9.0.2.4 allows remote malicious users to cause a denial of service (TNS listener stop) via an HTTP request with an sid parameter that contains a STOP command.
Oracle Database Server 9.0.2.4
1 EDB exploit
755
VMScore
CVE-2005-1383
The OHS component 1.0.2 up to and including 10.x, when UseWebcacheIP is disabled, in Oracle Application Server allows remote malicious users to bypass HTTP Server mod_access restrictions via a request to the webcache TCP port 7778.
Oracle Application Server 10.1.0.2
Oracle Application Server 10.1.0.3
Oracle Application Server 10.1.0.3.1
Oracle Application Server 10.1.2
1 EDB exploit
435
VMScore
CVE-2005-3204
Cross-site scripting (XSS) vulnerability in Oracle XML DB 9iR2 allows remote malicious users to inject arbitrary web script or HTML via the query string in an HTTP request.
Oracle Application Server 9.0.2.3
Oracle Application Server 9.0.3
Oracle Oracle9i Enterprise 9.0.1.4
Oracle Oracle9i Enterprise 9.0.1.5
Oracle Oracle9i Enterprise 9.0.1.5 Fips
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Enterprise 9.2.0.6
Oracle Oracle9i Personal 9.2.0.1
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Standard 9.0.1.2
Oracle Oracle9i Standard 9.0.1.3
Oracle Oracle9i Standard 9.0.1.4
Oracle Application Server 9.0.2.1
Oracle Application Server 9.0.2.2
Oracle Oracle9i Developer 9.0.4
Oracle Oracle9i Enterprise 9.0.1
Oracle Oracle9i Enterprise 9.2.0.3
Oracle Oracle9i Enterprise 9.2.0.4
Oracle Oracle9i Personal 9.0.4
Oracle Oracle9i Personal 9.2
Oracle Oracle9i Standard 9.0
Oracle Oracle9i Standard 9.0.1
1 EDB exploit
505
VMScore
CVE-2005-3207
The forms servlet (f90servlet) in Oracle Forms 4.5.10.22 allows remote malicious users to cause a denial of service (TNS listener stop) via a userid parameter that contains a STOP command.
Oracle Forms 6.0.8.25
Oracle Forms 6i
Oracle Forms 9i
Oracle Forms 10g
Oracle Forms 4.5.10.22
Oracle Forms 5.0
1 EDB exploit
685
VMScore
CVE-2005-1380
Cross-site scripting (XSS) vulnerability in BEA Admin Console 8.1 allows remote malicious users to execute arbitrary web script or HTML via the server parameter to a JndiFramesetAction action.
Bea Weblogic Server 8.1
1 EDB exploit
405
VMScore
CVE-2009-0981
Unspecified vulnerability in the Application Express component in Oracle Database 11.1.0.7 allows remote authenticated users to affect confidentiality, related to APEX. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on reliable resea...
Oracle Database 11g 11.1.0.7
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started