SkipNavigation
Home | FAQ | Contact | Privacy Policy
US-CERT
American Flag
  Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information


 
 View Notes By
  Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric
 Other Documents
  Technical Alerts

Technical Bulletins

Alerts

Security Tips

Search Results

IDDate
Public		Name
VU#47214807/21/2005Oracle Reports arbitrary file writing vulnerability
VU#92526107/19/2005Oracle Reports arbitrary file reading vulnerability
VU#29895802/24/2006Oracle Diagnostic Tools do not properly authenticate users
VU#89164401/17/2006Oracle Database XML Database SQL Injection vulnerability
VU#54580401/17/2006Oracle products contain multiple vulnerabilities
VU#15033201/17/2006Oracle Text SQL injection vulnerability
VU#86594810/18/2005Oracle Enterprise Manager Oracle Agent contains a buffer overflow
VU#21052410/18/2005Oracle products contain multiple vulnerabilities
VU#37675610/18/2005Oracle Application Server Internet Directory vulnerability
VU#61356207/12/2005Oracle products contain multiple vulnerabilities
VU#94848604/12/2005Oracle products contain multiple vulnerabilities
VU#49634010/20/2003Oracle command-line program buffer overflow in argument handling
VU#15832304/01/2002Oracle Configurator discloses version and host information via "test" argument passed to servlet
VU#99740305/27/2002Oracle Reports Server Reports Web Cartridge (RWCGI60) vulnerable to buffer overflow via database name parameter
VU#11827710/18/2000The Oracle Internet Directory LDAP (oidldapd) contains buffer overflow
VU#17083008/31/2004Oracle Enterprise Manager contains several vulnerabilities
VU#41300603/15/2004Oracle Application Server Web Cache contains heap overflow vulnerability
VU#32246001/17/2007Oracle Collaboration Suite denial of service vulnerability
VU#22178801/17/2007Oracle SYS.DBMS_AQ package vulnerable to PL/SQL injection
VU#71714010/17/2006Oracle ENABLE_HIERARCHY_INTERNAL procedure vulnerable to PL/SQL injection
VU#31876410/17/2006Oracle DISABLE_HIERARCHY_INTERNAL procedure vulnerable to PL/SQL injection
VU#86929210/17/2006Oracle MDSYS.SDO_LRS package vulnerable to PL/SQL injection
VU#73632410/17/2006Oracle SYS.DBMS_CDC_IMPDP package vulnerable to PL/SQL injection
VU#44610010/17/2006Oracle CREATE_CHANGE_TABLE procedure vulnerable to PL/SQL injection
VU#71696410/17/2006Oracle PREPARE_UNBOUNDED_VIEW procedure vulnerable to PL/SQL injection
VU#93212404/26/2006Oracle DBMS_EXPORT_EXTENSION package vulnerable to SQL injection
VU#45268104/18/2006Oracle Export component SQL injection vulnerability
VU#24148104/18/2006Oracle Dictionary vulnerability
VU#87904104/18/2006Oracle Collaboration Suite Email Server vulnerability
VU#44326504/18/2006Oracle Reporting Framework vulnerability
VU#24024904/18/2006Oracle Spatial SQL injection vulnerability
VU#54914604/19/2006Oracle Collaboration Suite Email Server contains a vulnerability that may compromise system confidentiality
VU#79746504/18/2006Oracle Advanced Replication SQL injection vulnerability
VU#94072904/18/2006Oracle Diagnostics Interfaces vulnerability
VU#61919404/18/2006Oracle Order Capture vulnerability
VU#82483304/18/2006Oracle Application Object Library vulnerability
VU#13904904/18/2006Oracle DBMS_REPUTIL package vulnerable to SQL injection
VU#99926801/17/2006Oracle Client Tools buffer overflow vulnerability
VU#85741201/17/2005Oracle Transparent Data Encryption master encryption key stored as plaintext
VU#16916401/25/2006Oracle PL/SQL Gateway fails to properly validate HTTP requests
VU#87175601/17/2006Oracle TNS protocol fails to properly validate authentication requests
VU#98334001/17/2006Oracle Database Data Pump Metadata API SQL injection vulnerability
VU#62931601/17/2006Oracle Database SYS.DBMS_METADATA_UTIL package SQL injection vulnerability
VU#87017201/17/2006Oracle Database Net Listener vulnerability
VU#89094010/18/2005Oracle HTTP Server vulnerability
VU#51271610/18/2005Oracle Application Server Web Cache vulnerability
VU#17136410/18/2005Oracle Application Server SQL*ReportWriter vulnerability
VU#26570010/18/2005Oracle Human Resource Management System vulnerability
VU#60934010/18/2005Oracle E-Business Suite Applications Utilities vulnerability
VU#44944410/18/2005Oracle Database Server buffer overflow in Security Component
VU#15050810/18/2005Oracle E-Business Suite Applications Technology Stack vulnerability
VU#98210904/12/2005Oracle contains multiple SQL injection vulnerabilities
VU#62049506/27/2001Oracle 8i contains buffer overflow in TNS Listener
VU#31620608/10/2004Oracle Database Server contains several vulnerabilities
VU#66378602/11/2003Oracle9i Database contains remotely exploitable buffer overflow in "BFILENAME" function
VU#43597408/31/2004Oracle Application Server contains several vulnerabilities
VU#96157906/04/2004Oracle E-Business Suite SQL Injection vulnerabilities
VU#18014702/06/2002Oracle 9i Database Server PL/SQL module allows remote command execution without authentication
VU#61090412/22/2000Oracle Internet Directory LDAP Daemon does not check write permissions properly
VU#71272301/10/2002Oracle 9iAS default configuration uses well-known default passwords
VU#84066602/11/2003Oracle9i Database contains remotely exploitable buffer overflow in "TO_TIMESTAMP_TZ" function
VU#95374602/11/2003Oracle9i Database contains remotely exploitable buffer overflow in "ORACLE.EXE"
VU#74395402/11/2003Oracle9i Database contains remotely exploitable buffer overflow in "TZ_OFFSET" function
VU#93686807/25/2003Oracle Database Server contains stack overflow in logging mechanism when supplied overly long library name
VU#29155505/27/2002Oracle Web Cache contains buffer overflow vulnerabilities
VU#10525906/19/2001Oracle Database Server vulnerable to DoS via repeated requests to Oracle listener without connecting to redirected port
VU#69846702/06/2002Oracle 9iAS default configuration allows access to "globals.jsa" file
VU#27897109/17/2001Oracle 9i Application Server does not adequately handle requests for nonexistent JSP files thereby disclosing web folder path information
VU#51119402/11/2003Oracle9i Application Server MOD_ORADAV Module vulnerable to DoS
VU#80945704/17/2007Oracle Database vulnerable to privilege escalation
VU#80573704/06/2006Oracle views fail to enforce table security settings
VU#84658202/06/2004Oracle9i Database contains buffer overflow in NUMTODSINTERVAL() function
VU#46755505/27/2002Oracle Application Server contains format string vulnerability
VU#39980602/06/2004Oracle9i Database contains buffer overflow in FROM_TZ() function
VU#16887304/10/2003Oracle E-Business Suite Report Review Agent (RRA) allows arbitrary files to be retrieved with no authentication
VU#24017402/06/2004Oracle9i Database contains buffer overflow in TIME_ZONE session parameter
VU#71782701/10/2002Multiple Oracle 9iAS sample pages contain vulnerabilities
VU#54745902/06/2002Oracle 9iAS creates temporary files when processing JSP requests that are world-readable
VU#73692301/10/2002Oracle 9iAS SOAP components allow anonymous users to deploy applications by default
VU#81912602/06/2004Oracle9i Database contains buffer overflow in NUMTOYMINTERVAL() function
VU#30105905/27/2002Oracle TNS Listener Control Utility (LSNRCTL) contains format string vulnerability
VU#63009105/27/2002Oracle9i Database TNS Listener vulnerable to buffer overflow via SERVICE_NAME parameter
VU#47443308/28/2007Oracle JInitiator ActiveX control stack buffer overflows
VU#71638707/21/2008Oracle Weblogic Apache connector vulnerable to buffer overflow
VU#75848312/13/2001Oracle9i Application Server Apache PL/SQL module does not properly decode URL
VU#79861102/06/2002Oracle 9iAS contains cross-site scripting vulnerability in "htp.print"
VU#93650701/10/2002Oracle 9iAS allows access to CGI script source code within CGI-BIN directory
VU#86918407/16/2001Oracle Internet Directory contains multiple vulnerabilities in LDAP handling code
VU#16879501/10/2002Oracle 9iAS allows anonymous remote users to view sensitive Apache services by default
VU#50020312/13/2001Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via help page request
VU#65904302/06/2002Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via Database Access Descriptor password
VU#87860302/06/2002Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via HTTP Authorization header
VU#19352301/10/2002Oracle9i Application Server allows unauthenticated access to PL/SQL applications via alternate Database Access Descriptor
VU#92339502/06/2002Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via cache directory name
VU#75029902/06/2002Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via HTTP request
VU#80591502/06/2002Oracle9i Application Server Apache PL/SQL module does not properly handle HTTP Authorization header
VU#30783501/10/2002Oracle9i Application Server OWA_UTIL procedures expose sensitive information
VU#31328001/10/2002Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via HTTP Location header
VU#47661902/06/2002Oracle 9iAS default configuration allows arbitrary users to view sensitive configuration files
VU#97725102/06/2002Oracle 9iAS XSQL Servlet ignores file permissions allowing arbitrary users to view sensitive configuration files
VU#61177601/10/2002Oracle9i Application Server PL/SQL Gateway web administration interface uses null authentication by default
VU#64997910/18/2001Oracle9iAS Web Cache vulnerable to buffer overflow
VU#84999302/11/2003Some implementations of mod_dav contain a format string vulnerability in "ap_log_rerror()" function
VU#30309402/10/2005OpenPGP vulnerable to chosen-ciphertext attacks in cipher feedback (CFB) mode
VU#27977408/02/2005Computer Associates BrightStor ARCserve Backup Agents vulnerable to buffer overflow
VU#88880103/19/2003SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension
VU#99748103/14/2003Cryptographic libraries and applications do not adequately defend against timing attacks
VU#39541207/27/2006Apache mod_rewrite contains off-by-one error in ldap scheme handling
VU#74492908/31/2005mod_ssl fails to properly enforce client certificates authentication
VU#46616107/14/2009XML signature HMAC truncation authentication bypass
VU#42339608/02/2004X.509 certificate verification may be vulnerable to resource exhaustion
VU#86759301/20/2003Web servers enable HTTP TRACE method by default
VU#14212102/22/2003zlib "gzprintf()" function vulnerable to buffer overflow
VU#94433506/17/2002Apache web servers fail to handle chunks with a negative size
VU#14671806/14/2006Sendmail fails to handle malformed multipart MIME messages
VU#45674507/09/2009ActiveX controls built with Microsoft ATL fail to properly handle initialization data
VU#74934201/13/2003Multiple vulnerabilities in H.323 implementations
VU#83486503/22/2006Sendmail signal I/O race condition
VU#52871902/21/2003Multiple implementations of the Session Initiation Protocol (SIP) contain multiple types of vulnerabilities
VU#54730009/28/2006OpenSSL SSL_get_shared_ciphers() vulnerable to buffer overflow
VU#84562009/05/2006Multiple RSA implementations fail to properly handle signatures
VU#38696409/28/2006OpenSSL SSLv2 client code fails to properly check for NULL
VU#97831606/04/2003Vulnerability in OpenSSH daemon (sshd)
VU#87804405/31/2008SNMPv3 improper HMAC validation allows authentication bypass
VU#85430602/12/2002Multiple vulnerabilities in SNMPv1 request handling

If this page is empty, your search did not match any documents.

Produced 2009 by US-CERT, a government organization
Disclaimers and copyright information