- Home
- CVEs with nessus.description==The remote Oracle Database Server is missing the July 2018 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities:
- An unspecified vulnerability in the Oracle Spatial (jackson-databind) component of Oracle Database Server allows an unauthenticated, remote attacker with network access via multiple protocols to compromise Oracle Spatial. (CVE-2017-15095)
- An unspecified vulnerability in the Core RDBMS component of Oracle Database Server allows a low privileged attacker to inject or manipulate RDBMS data, resulting in compromise of Core RDBMS. (CVE-2018-2939)
- An unspecified vulnerability in the Java VM component of Oracle Database Server allows a low privileged attacker with Create Session, Create Procedure privilege to compromise a Java VM. (CVE-2018-3004, CVE-2018-3110)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top