Vulnerabilities (CVE)

Filtered by vendor Oracle Subscribe
Filtered by product Oracle10g
Total 23 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-1371 1 Oracle 10 Application Server, Collaboration Suite, Database Server and 7 more 2025-04-03 9.0 HIGH N/A
Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure.
CVE-2006-0269 1 Oracle 1 Oracle10g 2025-04-03 5.5 MEDIUM N/A
Unspecified vulnerability in the Streams Capture component of Oracle Database server 10.1.0.5 and 10.2.0.1 has unspecified impact and attack vectors, as identified by Oracle Vuln# DB25. NOTE: details are unavailable from Oracle, but they have not publicly disputed a claim by a reliable independent researcher that states that the problem is SQL injection in the SET_DIRECTORY_ROOT function in the DBMS_CDC_PUBLISH package.
CVE-2004-1774 1 Oracle 2 Application Server, Oracle10g 2025-04-03 7.2 HIGH N/A
Buffer overflow in the SDO_CODE_SIZE procedure of the MD2 package (MDSYS.MD2.SDO_CODE_SIZE) in Oracle 10g before 10.1.0.2 Patch 2 allows local users to execute arbitrary code via a long LAYER parameter.