The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Oracle DB

SQLite: out-of-bounds memory reading via rtreenode
An attacker can force a read at an invalid address via rtreenode() of SQLite, in order to trigger a denial of service, or to obtain sensitive information...
cpuapr2020, cpujan2020, cpujul2020, cpuoct2020, CVE-2019-8457, DSA-2019-133, FEDORA-2019-02b81266b7, FEDORA-2019-3377813d18, JSA11055, openSUSE-SU-2019:1645-1, RHSA-2020:1810-01, SUSE-SU-2019:14083-1, SUSE-SU-2019:14120-1, SUSE-SU-2019:1522-1, SUSE-SU-2019:1601-1, USN-4004-1, USN-4004-2, USN-4019-1, USN-4019-2, VIGILANCE-VUL-29449
Apache Tomcat: Cross Site Scripting via SSI printenv
An attacker can trigger a Cross Site Scripting via SSI printenv of Apache Tomcat, in order to run JavaScript code in the context of the web site...
bulletinjul2019, cpujan2020, CVE-2019-0221, DLA-1810-1, DLA-1883-1, DSA-4596-1, FEDORA-2019-1a3f878d27, FEDORA-2019-d66febb5df, HPESBUX04015, openSUSE-SU-2019:1673-1, openSUSE-SU-2019:1808-1, SUSE-SU-2019:1693-1, SUSE-SU-2019:1866-1, SUSE-SU-2019:1895-1, USN-4128-1, USN-4128-2, VIGILANCE-VUL-29350
SQLite: use after free via Window
An attacker can force the usage of a freed memory area via Window of SQLite, in order to trigger a denial of service, and possibly to run code...
cpuoct2020, CVE-2019-5018, JSA11055, TALOS-2019-0777, USN-4205-1, VIGILANCE-VUL-29269
Oracle Database: vulnerabilities of April 2019
Several vulnerabilities were announced in Oracle products...
CERTFR-2019-AVI-173, cpuapr2019, CVE-2019-2516, CVE-2019-2517, CVE-2019-2518, CVE-2019-2571, CVE-2019-2582, CVE-2019-2619, VIGILANCE-VUL-29045
jQuery Core: privilege escalation via Object.prototype Pollution
An attacker can bypass restrictions via Object.prototype Pollution of jQuery Core, in order to escalate his privileges...
bulletinoct2019, cpuapr2020, cpujan2020, cpujul2019, cpujul2020, cpuoct2019, cpuoct2020, CST-7312, CVE-2019-11358, DLA-1797-1, DLA-2118-1, DRUPAL-SA-CORE-2019-005, DRUPAL-SA-CORE-2019-006, DSA-4460-1, EZSA-2019-005, FEDORA-2019-2a0ce0c58c, FEDORA-2019-a06dffab1c, FEDORA-2019-f563e66380, NTAP-20190919-0001, openSUSE-SU-2019:1839-1, openSUSE-SU-2019:1872-1, RHSA-2019:1456-01, RHSA-2020:3936-01, Synology-SA-19:19, VIGILANCE-VUL-29030
Apache Tomcat: code execution via Windows enableCmdLineArguments
An attacker can use a vulnerability via Windows enableCmdLineArguments of Apache Tomcat, in order to run code...
CERTFR-2019-AVI-170, cpujan2020, CVE-2019-0232, HPESBUX04015, Synology-SA-19:17, VIGILANCE-VUL-28999
SQLite: NULL pointer dereference via FTS5 Transaction Interleaving Read
An attacker can force a NULL pointer to be dereferenced via FTS5 Transaction Interleaving Read of SQLite, in order to trigger a denial of service...
bulletinapr2019, cpujan2020, cpuoct2020, CVE-2019-9937, DLA-2340-1, FEDORA-2019-8641591b3c, FEDORA-2019-a01751837d, JSA11055, openSUSE-SU-2019:1372-1, SUSE-SU-2019:1127-1, USN-4019-1, USN-4019-2, VIGILANCE-VUL-28844
SQLite: out-of-bounds memory reading via FTS5 Transaction Prefix Queries
An attacker can force a read at an invalid address via FTS5 Transaction Prefix Queries of SQLite, in order to trigger a denial of service, or to obtain sensitive information...
bulletinapr2019, cpujan2020, cpuoct2020, CVE-2019-9936, DLA-2340-1, FEDORA-2019-8641591b3c, FEDORA-2019-a01751837d, JSA11055, openSUSE-SU-2019:1372-1, SUSE-SU-2019:1127-1, USN-4019-1, USN-4019-2, VIGILANCE-VUL-28843
Apache Tomcat: denial of service via HTTP/2 Frames
An attacker can trigger a fatal error via HTTP/2 Frames of Apache Tomcat, in order to trigger a denial of service...
bulletinapr2019, bulletinjul2019, CERTFR-2019-AVI-251, cpujan2020, CVE-2019-0199, DSA-4596-1, FEDORA-2019-1a3f878d27, FEDORA-2019-d66febb5df, ibm10886317, openSUSE-SU-2019:1673-1, openSUSE-SU-2019:1723-1, openSUSE-SU-2019:1808-1, SUSE-SU-2019:1693-1, SUSE-SU-2019:1825-1, SUSE-SU-2019:1866-1, SUSE-SU-2019:1895-1, VIGILANCE-VUL-28842
jackson-datatype-jsr310: denial of service via Input Validation
An attacker can trigger a fatal error via Input Validation of jackson-datatype-jsr310, in order to trigger a denial of service...
cpuoct2019, CVE-2018-1000873, FEDORA-2019-df57551f6d, VIGILANCE-VUL-28552
Our database contains other pages. You can request a free trial to read them.

Display information about Oracle DB: