U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • CPE Product Version: cpe:/a:oracle:database_server:12.1.0.2
There are 108 matching records.
Displaying matches 61 through 80.
Vuln ID Summary CVSS Severity
CVE-2015-4923

Unspecified vulnerability in the XML Developer's Kit for C component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect availability via unknown vectors.

Published: January 20, 2016; 9:59:06 PM -0500 		V3.x:(not available)
 V2.0: 4.0 MEDIUM
CVE-2015-4921

Unspecified vulnerability in the Database Vault component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect integrity via unknown vectors.

Published: January 20, 2016; 9:59:04 PM -0500 		V3.x:(not available)
 V2.0: 4.0 MEDIUM
CVE-2015-4900

Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

Published: October 21, 2015; 7:59:59 PM -0400 		V3.x:(not available)
 V2.0: 6.5 MEDIUM
CVE-2015-4888

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-4796.

Published: October 21, 2015; 7:59:50 PM -0400 		V3.x:(not available)
 V2.0: 6.5 MEDIUM
CVE-2015-4873

Unspecified vulnerability in the Database Scheduler component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality, integrity, and availability via unknown vectors.

Published: October 21, 2015; 7:59:37 PM -0400 		V3.x:(not available)
 V2.0: 7.2 HIGH
CVE-2015-4863

Unspecified vulnerability in the Portable Clusterware component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

Published: October 21, 2015; 7:59:28 PM -0400 		V3.x:(not available)
 V2.0: 10.0 HIGH
CVE-2015-4857

Unspecified vulnerability in the RDBMS component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

Published: October 21, 2015; 7:59:22 PM -0400 		V3.x:(not available)
 V2.0: 5.5 MEDIUM
CVE-2015-4796

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2, when running on Windows, allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-4888.

Published: October 21, 2015; 5:59:13 PM -0400 		V3.x:(not available)
 V2.0: 9.0 HIGH
CVE-2015-4794

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

Published: October 21, 2015; 5:59:11 PM -0400 		V3.x:(not available)
 V2.0: 9.0 HIGH
CVE-2015-4755

Unspecified vulnerability in the RDBMS Security component in Oracle Database Server 12.1.0.2 allows remote attackers to affect confidentiality via unknown vectors.

Published: July 16, 2015; 7:00:49 AM -0400 		V3.x:(not available)
 V2.0: 5.0 MEDIUM
CVE-2015-4753

Unspecified vulnerability in the RDBMS Support Tools component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows local users to affect confidentiality via unknown vectors.

Published: July 16, 2015; 7:00:47 AM -0400 		V3.x:(not available)
 V2.0: 2.1 LOW
CVE-2015-4740

Unspecified vulnerability in the RDBMS Partitioning component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

Published: July 16, 2015; 7:00:35 AM -0400 		V3.x:(not available)
 V2.0: 6.0 MEDIUM
CVE-2015-2629

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-0457.

Published: July 16, 2015; 6:59:51 AM -0400 		V3.x:(not available)
 V2.0: 9.0 HIGH
CVE-2015-2599

Unspecified vulnerability in the RDBMS Scheduler component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors.

Published: July 16, 2015; 6:59:25 AM -0400 		V3.x:(not available)
 V2.0: 4.0 MEDIUM
CVE-2015-2595

Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 12.1.0.1 and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

Published: July 16, 2015; 6:59:21 AM -0400 		V3.x:(not available)
 V2.0: 6.5 MEDIUM
CVE-2015-0483

Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect integrity via unknown vectors.

Published: April 16, 2015; 12:59:35 PM -0400 		V3.x:(not available)
 V2.0: 4.0 MEDIUM
CVE-2015-0457

Unspecified vulnerability in the Java VM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2015-2629.

Published: April 16, 2015; 12:59:15 PM -0400 		V3.x:(not available)
 V2.0: 9.0 HIGH
CVE-2015-0455

Unspecified vulnerability in the XDB - XML Database component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors.

Published: April 16, 2015; 12:59:13 PM -0400 		V3.x:(not available)
 V2.0: 6.8 MEDIUM
CVE-2015-0373

Unspecified vulnerability in the OJVM component in Oracle Database Server 11.1.0.7, 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors.

Published: January 21, 2015; 1:59:20 PM -0500 		V3.x:(not available)
 V2.0: 6.5 MEDIUM
CVE-2014-6577

Unspecified vulnerability in the XML Developer's Kit for C component in Oracle Database Server 11.2.0.3, 11.2.0.4, 12.1.0.1, and 12.1.0.2 allows remote authenticated users to affect confidentiality via unknown vectors. NOTE: the previous information is from the January 2015 CPU. Oracle has not commented on the original researcher's claim that this is an XML external entity (XXE) vulnerability in the XML parser, which allows attackers to conduct internal port scanning, perform SSRF attacks, or cause a denial of service via a crafted (1) http: or (2) ftp: URI.

Published: January 21, 2015; 10:28:16 AM -0500 		V3.x:(not available)
 V2.0: 6.8 MEDIUM