Oracle Database
20 CVEs affecting Oracle Database. Latest disclosed: 2017-10-19. Critical: 4, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-10202 | Critical | 9.9 | 2017-08-08 | Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable vul… |
CVE-2017-3310 | Critical | 9.0 | 2017-01-27 | Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Easily exploitable vulnerability… |
CVE-2016-3609 | Critical | 9.0 | 2016-07-21 | Unspecified vulnerability in the OJVM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confiden… |
CVE-2016-3454 | Critical | 9.0 | 2016-04-21 | Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality… |
CVE-2017-10321 | High | 8.8 | 2017-10-19 | Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitab… |
CVE-2017-10190 | High | 8.2 | 2017-10-19 | Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily exploitable… |
CVE-2016-2183 | High | 7.5 | 2016-09-01 | The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four bill… |
CVE-2016-3479 | High | 7.5 | 2016-07-21 | Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4 and 12.1.0.2 allows remote attackers to affect availability… |
CVE-2016-3489 | Medium | 6.7 | 2016-07-21 | Unspecified vulnerability in the Data Pump Import component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentia… |
CVE-2017-10261 | Medium | 6.5 | 2017-10-19 | Vulnerability in the XML Database component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Easily exploitable vulne… |
CVE-2016-5572 | Medium | 6.4 | 2016-10-25 | Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and availabil… |
CVE-2016-5497 | Medium | 6.4 | 2016-10-25 | Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows local users to affect confidentiality, integrity, and avail… |
CVE-2016-0677 | Medium | 5.9 | 2016-04-21 | Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote attackers to affect availability via un… |
CVE-2017-3567 | Medium | 5.3 | 2017-04-24 | Vulnerability in the OJVM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4 and 12.1.0.2. Difficult to exploit vulnerabili… |
CVE-2016-3488 | Medium | 4.4 | 2016-07-21 | Unspecified vulnerability in the DB Sharding component in Oracle Database Server 12.1.0.2 allows local users to affect integrity via unknown vectors. |
CVE-2016-3484 | Low | 3.4 | 2016-07-21 | Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiali… |
CVE-2014-3566 | Low | 3.4 | 2014-10-15 | The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle atta… |
CVE-2016-0691 | Low | 3.3 | 2016-04-21 | Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via… |
CVE-2016-0690 | Low | 3.3 | 2016-04-21 | Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect integrity via… |
CVE-2017-10292 | Low | 2.3 | 2017-10-19 | Vulnerability in the RDBMS Security component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Easily explo… |