Software Detail

Software Informaton Top

Database

Software Detail

Oracle Database

Number Of NVD

492

CRITICAL

HIGH

171

MEDIUM

245

LOW

URL	https://www.oracle.com/database/
Explanation	It is a commercial relational database management system (RDBMS) developed and marketed by Oracle (USA). It was the first commercial database released in 1979. It has users all over the world and has all the necessary functions for a relational database management system (RDBMS). There are three support stages for Oracle enterprise Database. Premier Support (standard support for five years from the time of product shipment) Extended Support (3 years of extended support from the end of Premier Support) Extended Support (3 years of extended support after Premier Support expires) ・Sustaining Support (support received for continued use of the product) From Oracle Database 18c onwards, the "annual release" model has been adopted. Updates and Revisions are released in January, April, July, and October. In the case of version "18.0.1", 18 is the version, 0 is the update, and 1 is the revision.
Tag	商用ライセンス有り

Add Information URL

No	Type	Name	URL
1			https://www.oracle.com/technetwork/jp/database/enterprise-edition/downloads/index.html
2			https://support.oracle.com/knowledge/Oracle%20Database%20Products/2413744_1.html
3			https://support.oracle.com/knowledge/Oracle%20Cloud/2413744_1.html
4			https://www.oracle.com/jp/support/lifetime-support/
5			https://www.oracle.com/jp/database/technologies/oracle-database-software-downloads.html
6			http://otndnld.oracle.co.jp/ondemand/technight/19-1_CoreInstUpgr_DL_final.pdf

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Extended for a fee	Critical	High	Medium	Low
51	Oracle Database 19c	19.5		March 31, 2023		March 31, 2026	3	9	21	10
52	Oracle Database 12c Release 2	12.2.0.1		Nov. 20, 2020			8	13	24	12
53	Oracle Database 18c	18.0.0.0	June 15, 2018	Feb. 1, 2018			9	14	23	10
54	Oracle Database 12c Release 1	12.1.0.2		July 1, 2013	Aug. 31, 2016		6	28	72	23
55	Oracle Database 11g Release 2	11.2.0.4		Sept. 1, 2009	Jan. 31, 2015	Dec. 31, 2020	5	40	110	27
56	Oracle Database 11g Release 1	11.1.0.7		Sept. 1, 2007	Aug. 31, 2012	Aug. 31, 2015	0	37	114	23
57	Oracle Database 9.0c	9.0.4					1	47	18	3
58	Oracle Database 8.0c	8.0.6.3					0	10	2	2
59	Oracle Database 7.0c	7.0.64					0	3	0	1
60	Oracle Database 5.1c	5.1					0	2	1	1
61	Oracle Database 4.0c	4.0.8					0	2	5	2
62	Oracle Database 21.3c	21.3					0	0	6	5
63	Oracle Database 10.1c	10.1.0.5					1	83	75	16
64	Oracle Database 1.0c	1.0.2.2					0	2	3	2

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
51	4.3 4.0	MEDIUM Network	Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker ha…	NVD-CWE-noinfo	CVE-2019-2734	cpe:2.3:a:oracle:database_server:19c:* cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12…	2024-11-21 13:41 2019-10-17	Show	GitHub Exploit DB Packet Storm

52	5.0 4.0	MEDIUM Network	Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker ha…	NVD-CWE-noinfo	CVE-2018-2875	cpe:2.3:a:oracle:database_server:19c:* cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12…	2024-11-21 13:04 2019-10-17	Show	GitHub Exploit DB Packet Storm

53	9.8 7.5	CRITICAL Network	A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSO…	CWE-502 Deserialization of Untrusted Data	CVE-2019-16942	cpe:2.3:a:oracle:database_server:19c:* cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12…	2024-11-21 13:31 2019-10-2	Show	GitHub Exploit DB Packet Storm

54	7.5 6.0	HIGH Network	Vulnerability in the Oracle ODBC Driver component of Oracle Database Server<span class=font-red><b> *PRIVILEGE CANNOT BE NONE FOR AUTHENTICATED ATTACKS*</b></span>. Supported versions that are af…	NVD-CWE-noinfo	CVE-2019-2799	cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12.2.0.1:* cpe:2.3:a:oracle:database_serv…	2024-11-21 13:41 2019-07-24	Show	GitHub Exploit DB Packet Storm

55	7.6 5.5	HIGH Network	Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged …	NVD-CWE-noinfo	CVE-2019-2776	cpe:2.3:a:oracle:database_server:19c:* cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12…	2024-11-21 13:41 2019-07-24	Show	GitHub Exploit DB Packet Storm

56	4.6 4.9	MEDIUM Network	Vulnerability in the Oracle Text component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privil…	NVD-CWE-noinfo	CVE-2019-2753	cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12.2.0.1:* cpe:2.3:a:oracle:database_serv…	2024-11-21 13:41 2019-07-24	Show	GitHub Exploit DB Packet Storm

57	6.8 4.9	MEDIUM Network	Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low pri…	NVD-CWE-noinfo	CVE-2019-2749	cpe:2.3:a:oracle:database_server:19c:* cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12…	2024-11-21 13:41 2019-07-24	Show	GitHub Exploit DB Packet Storm

58	4.0 1.2	MEDIUM Local	Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult to exploit vulnerability allows high privilege…	NVD-CWE-noinfo	CVE-2019-2569	cpe:2.3:a:oracle:database_server:12.2.0.1:* cpe:2.3:a:oracle:database_server:12.1.0.2:* cpe:2.3:a:oracle:database…	2024-11-21 13:41 2019-07-24	Show	GitHub Exploit DB Packet Storm

59	5.4 4.9	MEDIUM Network	Vulnerability in the Application Express component of Oracle Database Server. Supported versions that are affected are 5.1 and 18.2. Easily exploitable vulnerability allows low privileged attacker ha…	NVD-CWE-noinfo	CVE-2019-2484	cpe:2.3:a:oracle:database_server:5.1:* cpe:2.3:a:oracle:database_server:18.2:*	2024-11-21 13:40 2019-07-24	Show	GitHub Exploit DB Packet Storm

60	5.5 4.3	MEDIUM Local	In OpenJPEG 2.3.1, there is excessive iteration in the opj_t1_encode_cblks function of openjp2/t1.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted bmp …	CWE-834 Excessive Iteration	CVE-2019-12973	cpe:2.3:a:oracle:database_server:18c:*	2024-11-21 13:23 2019-06-27	Show	GitHub Exploit DB Packet Storm