U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:oracle:database_server:11.2.0.2
There are 55 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2013-5771

Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality and availability via unknown vectors.

Published: October 16, 2013; 11:55:34 AM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2013-3826

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality via unknown vectors.

Published: October 16, 2013; 11:55:33 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-3790

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors related to Privileged Account.

Published: July 17, 2013; 9:41:16 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2013-3789

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

Published: July 17, 2013; 9:41:16 AM -0400
V3.x:(not available)
V2.0: 6.5 MEDIUM
CVE-2013-3774

Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Published: July 17, 2013; 9:41:16 AM -0400
V3.x:(not available)
V2.0: 7.6 HIGH
CVE-2013-3771

Unspecified vulnerability in the Oracle executable component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-3760.

Published: July 17, 2013; 9:41:16 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-3760

Unspecified vulnerability in the Oracle executable component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows local users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2013-3771.

Published: July 17, 2013; 9:41:16 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2013-3751

Unspecified vulnerability in the XML Parser component in Oracle Database Server 11.2.0.2, 11.2.0.3, and 12.1.0.1 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

Published: July 17, 2013; 9:41:16 AM -0400
V3.x:(not available)
V2.0: 9.0 HIGH
CVE-2013-1554

Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to affect availability via unknown vectors.

Published: April 17, 2013; 8:19:45 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-1538

Unspecified vulnerability in the Network Layer component in Oracle Database Server 11.2.0.2 and 11.2.0.3 allows remote attackers to affect availability via unknown vectors.

Published: April 17, 2013; 8:19:44 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2013-1534

Unspecified vulnerability in the Workload Manager component in Oracle Database Server 11.2.0.2 and 11.2.0.3, when used in RAC configurations, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Published: April 17, 2013; 8:19:44 AM -0400
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2012-3220

Unspecified vulnerability in the Spatial component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users with Create Session privileges to affect confidentiality, integrity, and availability via unknown vectors.

Published: January 16, 2013; 8:55:03 PM -0500
V3.x:(not available)
V2.0: 9.0 HIGH
CVE-2012-3151

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, when running on Unix and Linux platforms, allows local users to affect integrity and availability via unknown vectors.

Published: October 16, 2012; 7:55:03 PM -0400
V3.x:(not available)
V2.0: 3.3 LOW
CVE-2012-3146

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect integrity via unknown vectors.

Published: October 16, 2012; 7:55:03 PM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2012-1751

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to flashback archive.

Published: October 16, 2012; 7:55:03 PM -0400
V3.x:(not available)
V2.0: 6.5 MEDIUM
CVE-2012-3137

The authentication protocol in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote attackers to obtain the session key and salt for arbitrary users, which leaks information about the cryptographic hash and makes it easier to conduct brute force password guessing attacks, aka "stealth password cracking vulnerability."

Published: September 21, 2012; 7:55:01 PM -0400
V3.x:(not available)
V2.0: 6.4 MEDIUM
CVE-2012-3132

SQL injection vulnerability in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to execute arbitrary SQL commands via vectors involving CREATE INDEX with a CTXSYS.CONTEXT INDEXTYPE and DBMS_STATS.GATHER_TABLE_STATS.

Published: August 10, 2012; 7:55:00 PM -0400
V3.x:(not available)
V2.0: 6.5 MEDIUM
CVE-2012-3134

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect availability via unknown vectors.

Published: July 17, 2012; 7:55:03 PM -0400
V3.x:(not available)
V2.0: 4.0 MEDIUM
CVE-2012-1747

Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, when running on Windows, allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2012-1746.

Published: July 17, 2012; 6:55:02 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2012-1746

Unspecified vulnerability in the Network Layer component in Oracle Database Server 10.2.0.3, 10.2.0.4, 10.2.0.5, 11.1.0.7, 11.2.0.2, and 11.2.0.3, when running on Windows, allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2012-1747.

Published: July 17, 2012; 6:55:02 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM