Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
application server 10g vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2007-0275
Cross-site scripting (XSS) vulnerability in Oracle Reports Web Cartridge (RWCGI60) in the Workflow Cartridge component, as used in Oracle Database 9.2.0.8, 10.1.0.5, and 10.2.0.3; Application Server 9.0.4.3, 10.1.2.0.2, and 10.1.2.2; Collaboration Suite 10.1.2; and Oracle E-Busin...
Oracle Database Server 10.1.0.5
Oracle Database Server 10.2.0.3
Oracle Application Server 10.1.2.0.2
Oracle Application Server 10.1.2.2
Oracle Database Server 9.2.0.8
Oracle E-business Suite 11.5.10.2
Oracle Application Server 9.0.4.3
Oracle Collaboration Suite 10.1.2
NA
CVE-2006-0552
Unspecified vulnerability in the Net Listener component of Oracle Database server 8.1.7.4, 9.0.1.5, 9.0.1.5 FIPS, and 9.2.0.7 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB11.
Oracle Application Server 10.1.2.0.0
Oracle Application Server 10.1.2.0.1
Oracle Application Server 9.0.4.2
Oracle Collaboration Suite 10.1.1
Oracle Developer Suite 9.0.2.1
Oracle Developer Suite 9.0.4.1
Oracle E-business Suite 11.5.5
Oracle E-business Suite 11.5.6
Oracle Oracle10g Enterprise 10.1.0.4
Oracle Oracle10g Personal 10.1.0.3
Oracle Oracle10g Personal 10.1.0.4
Oracle Oracle8i Standard 8.0.6
Oracle Oracle8i Standard 8.0.6.3
Oracle Peoplesoft Enterprise Portal 8.4
Oracle Peoplesoft Enterprise Portal 8.8
Oracle 10g Enterprise Manager Grid Control 10.1 .0.4
Oracle Application Server 1.0.2.2
Oracle Application Server 10.1.2.0.2
Oracle Application Server 10.1.2.1.0
Oracle Database Server 8.0.6
Oracle Database Server 8.0.6.3
Oracle E-business Suite 11.5.10
NA
CVE-2007-1609
Cross-site scripting (XSS) vulnerability in servlet/Spy in Dynamic Monitoring Services (DMS) in Oracle Application Server (OAS) 10g 10.1.2.0.0 allows remote malicious users to inject arbitrary web script or HTML via the table parameter. NOTE: This may be related to CVE-2002-0563.
Oracle Application Server 10.1.2.0.0
NA
CVE-2005-1496
The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSION_USER to the SYS user.
Oracle Application Server 10.1.0.2
Oracle Application Server 10.1.0.3
Oracle Oracle10g Personal 10.1.0.3.1
Oracle Oracle10g Standard 10.1.0.2
Oracle Oracle10g Enterprise 10.1.0.3
Oracle Oracle10g Enterprise 10.1.0.3.1
Oracle Oracle10g Personal 10.1.0.2
Oracle Oracle10g Personal 10.1.0.3
Oracle Application Server 10.1.0.3.1
Oracle Oracle10g Enterprise 10.1.0.2
Oracle Oracle10g Standard 10.1.0.3
Oracle Oracle10g Standard 10.1.0.3.1
NA
CVE-2004-1364
Directory traversal vulnerability in extproc in Oracle 9i and 10g allows remote malicious users to access arbitrary libraries outside of the $ORACLE_HOME\bin directory.
Oracle Application Server 9.0.2.0.1
Oracle Application Server 9.0.2.1
Oracle Collaboration Suite Release 1
Oracle Application Server
Oracle Application Server 9.0.3
Oracle Application Server 9.0.3.1
Oracle Application Server 9.0.4
Oracle E-business Suite 11.5.4
Oracle E-business Suite 11.5.5
Oracle Enterprise Manager Database Control 10.1.2
Oracle Enterprise Manager Grid Control 10.1.0.2
Oracle Oracle8i Enterprise 8.0.6 .0.0
Oracle Oracle8i Enterprise 8.0.6 .0.1
Oracle Oracle8i Enterprise 8.1.7 .1.0
Oracle Oracle8i Enterprise 8.1.7 .4
Oracle Oracle8i Standard 8.1.7 .1
Oracle Oracle8i Standard 8.1.7 .4
Oracle Oracle9i Enterprise 9.2.0.1
Oracle Oracle9i Enterprise 9.2.0.2
Oracle Oracle9i Personal 9.0.1.5
Oracle Oracle9i Personal 9.2
Oracle Oracle9i Standard 9.0
2 EDB exploits
NA
CVE-2007-0222
Directory traversal vulnerability in the EmChartBean server side component for Oracle Application Server 10g allows remote malicious users to read arbitrary files via unknown vectors, probably "\.." sequences in the beanId parameter. NOTE: this is likely a duplicate of ...
Oracle Application Server 10.1.3
NA
CVE-2004-1774
Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g prior to 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER parameter.
Oracle Application Server 10.1.0.2
Oracle Oracle10g Enterprise 10.1.0.2
Oracle Oracle10g Personal 10.1.0.2
Oracle Oracle10g Standard 10.1.0.2
1 EDB exploit
NA
CVE-2004-1371
Stack-based buffer overflow in Oracle 9i and 10g allows remote malicious users to execute arbitrary code via a long token in the text of a wrapped procedure.
Oracle Application Server 9.0.2.1
Oracle Application Server 9.0.2.2
Oracle Collaboration Suite Release 1
Oracle Database Server 9i Application Server
Oracle E-business Suite 11.5.7
Oracle E-business Suite 11.5.8
Oracle Oracle10g Personal 10.1 .0.2
Oracle Oracle10g Personal 9.0.4 .0
Oracle Oracle8i Enterprise 8.1.5 .0.2
Oracle Oracle8i Enterprise 8.1.5 .1.0
Oracle Oracle8i Standard 8.0.6 .3
Oracle Oracle8i Standard 8.1.5
Oracle Oracle9i Enterprise 8.1.7
Oracle Oracle9i Enterprise 9.0.1
Oracle Oracle9i Enterprise 9.2.0.4
Oracle Oracle9i Enterprise 9.2.0.5
Oracle Oracle9i Personal 9.2.0.2
Oracle Oracle9i Personal 9.2.0.3
Oracle Oracle9i Personal 9.2.0.4
Oracle Oracle9i Standard 9.0.1.4
Oracle Oracle9i Standard 9.0.1.5
Oracle Oracle9i Standard 9.2.0.5
NA
CVE-2005-1495
Oracle Database 9i and 10g disables Fine Grained Audit (FGA) after the SYS user executes a SELECT statement on an FGA object, which makes it easier for malicious users to escape detection.
Oracle Oracle10g Personal 10.1.0.2
Oracle Oracle10g Personal 10.1.0.3
Oracle Oracle9i 9.0.1.2
Oracle Oracle9i 9.0.1.3
Oracle Application Server 10.1.0.3.1
Oracle Oracle10g Enterprise 10.1.0.2
Oracle Oracle10g Standard 10.1.0.3
Oracle Oracle10g Standard 10.1.0.3.1
Oracle Oracle9i 9.2.0.1
Oracle Oracle9i 9.2.0.2
Oracle Oracle10g Enterprise 10.1.0.3
Oracle Oracle10g Enterprise 10.1.0.3.1
Oracle Oracle9i 9.0
Oracle Oracle9i 9.0.1
Oracle Oracle9i Release 2 9.2.1
Oracle Oracle9i Release 2 9.2.2
Oracle Application Server 10.1.0.2
Oracle Application Server 10.1.0.3
Oracle Oracle10g Personal 10.1.0.3.1
Oracle Oracle10g Standard 10.1.0.2
Oracle Oracle9i 9.0.1.4
Oracle Oracle9i 9.0.2
NA
CVE-2004-1368
ISQL*Plus in Oracle 10g Application Server allows remote malicious users to execute arbitrary files via an absolute pathname in the file parameter to the load.uix script.
Oracle Application Server
Oracle Application Server 9.0.2
Oracle Application Server 9.0.4
Oracle Application Server 9.0.4.0
Oracle E-business Suite 11.5.5
Oracle E-business Suite 11.5.6
Oracle Enterprise Manager Grid Control 10.1.0.2
Oracle Oracle10g Enterprise 10.1.0.2
Oracle Oracle8i Enterprise 8.0.6 .0.1
Oracle Oracle8i Enterprise 8.1.5 .0.0
Oracle Oracle8i Enterprise 8.1.7 .4
Oracle Oracle8i Standard 8.0.6
Oracle Application Server 9.0.2.3
Oracle Application Server 9.0.3
Oracle Application Server 9.0.3.1
Oracle E-business Suite 11.5.3
Oracle E-business Suite 11.5.4
Oracle Enterprise Manager 9.0.1
Oracle Enterprise Manager Database Control 10.1.2
Oracle Oracle10g Standard 9.0.4 .0
Oracle Oracle8i Enterprise 8.0.5 .0.0
Oracle Oracle8i Enterprise 8.0.6 .0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »