Alex has updated his Oracle exploits page to add 5 more exploit codes
"Buffer Overflow in DBMS_REPCAT_INSTANTIATE"
"Become DBA via DBMS_SYS_SQL"
"Stop remote Listener via lsnrctl added"
"Switch username to SYS after executing a database job via dbms_scheduler added"
"SQL Injection in Oracle Portal WWV_LOV"
Be aware of these issues, if you are not patched then you are vulnerable.