Software Detail

Software Informaton Top

Database

Software Detail

Oracle Database

Number Of NVD

492

CRITICAL

HIGH

171

MEDIUM

245

LOW

URL	https://www.oracle.com/database/
Explanation	It is a commercial relational database management system (RDBMS) developed and marketed by Oracle (USA). It was the first commercial database released in 1979. It has users all over the world and has all the necessary functions for a relational database management system (RDBMS). There are three support stages for Oracle enterprise Database. Premier Support (standard support for five years from the time of product shipment) Extended Support (3 years of extended support from the end of Premier Support) Extended Support (3 years of extended support after Premier Support expires) ・Sustaining Support (support received for continued use of the product) From Oracle Database 18c onwards, the "annual release" model has been adopted. Updates and Revisions are released in January, April, July, and October. In the case of version "18.0.1", 18 is the version, 0 is the update, and 1 is the revision.
Tag	商用ライセンス有り

Add Information URL

No	Type	Name	URL
1			https://www.oracle.com/technetwork/jp/database/enterprise-edition/downloads/index.html
2			https://support.oracle.com/knowledge/Oracle%20Database%20Products/2413744_1.html
3			https://support.oracle.com/knowledge/Oracle%20Cloud/2413744_1.html
4			https://www.oracle.com/jp/support/lifetime-support/
5			https://www.oracle.com/jp/database/technologies/oracle-database-software-downloads.html
6			http://otndnld.oracle.co.jp/ondemand/technight/19-1_CoreInstUpgr_DL_final.pdf

List Of Product [ Click to show release history and vulnerability information ]

No	Name	Latest Version	Release date	Initial release	Normal Support	Extended for a fee	Critical	High	Medium	Low
61	Oracle Database 19c	19.5		March 31, 2023		March 31, 2026	3	9	21	10
62	Oracle Database 12c Release 2	12.2.0.1		Nov. 20, 2020			8	13	24	12
63	Oracle Database 18c	18.0.0.0	June 15, 2018	Feb. 1, 2018			9	14	23	10
64	Oracle Database 12c Release 1	12.1.0.2		July 1, 2013	Aug. 31, 2016		6	28	72	23
65	Oracle Database 11g Release 2	11.2.0.4		Sept. 1, 2009	Jan. 31, 2015	Dec. 31, 2020	5	40	110	27
66	Oracle Database 11g Release 1	11.1.0.7		Sept. 1, 2007	Aug. 31, 2012	Aug. 31, 2015	0	37	114	23
67	Oracle Database 9.0c	9.0.4					1	47	18	3
68	Oracle Database 8.0c	8.0.6.3					0	10	2	2
69	Oracle Database 7.0c	7.0.64					0	3	0	1
70	Oracle Database 5.1c	5.1					0	2	1	1
71	Oracle Database 4.0c	4.0.8					0	2	5	2
72	Oracle Database 21.3c	21.3					0	0	6	5
73	Oracle Database 10.1c	10.1.0.5					1	83	75	16
74	Oracle Database 1.0c	1.0.2.2					0	2	3	2

NVD Vulnerability Information

CRITICAL
HIGH
MEDIUM
LOW

No	CVSS3 CVSS2	Level Attach Vector	Title	CWE	CVE	cpe23Uri	Update date Published date	Show Affected	Exploit PoC Search
61	5.3 5.0	MEDIUM Network	Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 18c. Easily exploitable vulnerability allows unauthenticated attacker with n…	NVD-CWE-noinfo	CVE-2019-2582	cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12.2.0.1:*	2024-11-21 13:41 2019-04-24	Show	GitHub Exploit DB Packet Storm

62	6.6 6.0	MEDIUM Network	Vulnerability in the RDBMS DataPump component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Difficult to exploit vulnerability allows high …	NVD-CWE-noinfo	CVE-2019-2571	cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12.2.0.1:* cpe:2.3:a:oracle:database_serv…	2024-11-21 13:41 2019-04-24	Show	GitHub Exploit DB Packet Storm

63	7.5 6.0	HIGH Network	Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low pri…	NVD-CWE-noinfo	CVE-2019-2518	cpe:2.3:a:oracle:database_server:19c:* cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12…	2024-11-21 13:41 2019-04-24	Show	GitHub Exploit DB Packet Storm

64	9.1 7.5	CRITICAL Network	Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.2.0.1 and 18c. Easily exploitable vulnerability allows high privileged attacker having…	NVD-CWE-noinfo	CVE-2019-2517	cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12.2.0.1:*	2024-11-21 13:41 2019-04-24	Show	GitHub Exploit DB Packet Storm

65	8.2 4.6	HIGH Local	Vulnerability in the Portable Clusterware component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows h…	NVD-CWE-noinfo	CVE-2019-2516	cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12.2.0.1:* cpe:2.3:a:oracle:database_serv…	2024-11-21 13:41 2019-04-24	Show	GitHub Exploit DB Packet Storm

66	3.5 3.5	LOW Network	Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows low privileged…	NVD-CWE-noinfo	CVE-2019-2547	cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12.2.0.1:* cpe:2.3:a:oracle:database_serv…	2024-11-21 13:41 2019-01-17	Show	GitHub Exploit DB Packet Storm

67	9.8 7.5	CRITICAL Network	FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deseriali…	CWE-502 Deserialization of Untrusted Data	CVE-2018-14719	cpe:2.3:a:oracle:database_server:19c:* cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12…	2024-11-21 12:49 2019-01-3	Show	GitHub Exploit DB Packet Storm

68	6.5 4.3	MEDIUM Network	Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). This attack appear to b…	CWE-20 Improper Input Validation	CVE-2018-1000873	cpe:2.3:a:oracle:database_server:19c:* cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12…	2024-11-21 12:40 2018-12-21	Show	GitHub Exploit DB Packet Storm

69	9.8 7.5	CRITICAL Network	Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18c. Easily exploitable vulnerability allows unauthenticate…	NVD-CWE-noinfo	CVE-2018-3259	cpe:2.3:a:oracle:database_server:18c:* cpe:2.3:a:oracle:database_server:12.2.0.1:* cpe:2.3:a:oracle:database_serv…	2024-11-21 13:05 2018-10-17	Show	GitHub Exploit DB Packet Storm

70	9.9 6.5	CRITICAL Network	A vulnerability was discovered in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18. Easily exploitable vulnerability allow…	NVD-CWE-noinfo	CVE-2018-3110	cpe:2.3:a:oracle:database_server:18:* cpe:2.3:a:oracle:database_server:12.2.0.1:* cpe:2.3:a:oracle:database_serve…	2024-11-21 13:05 2018-08-11	Show	GitHub Exploit DB Packet Storm