cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-21192,https://securityvulnerability.io/vulnerability/CVE-2024-21192,Vulnerability in Oracle Fusion Middleware’s WebLogic Management Component,"A vulnerability exists in Oracle Enterprise Manager for Fusion Middleware, specifically within the WebLogic Management component. This flaw enables an attacker, who possesses login credentials, to exploit the system easily. It allows unauthorized access to sensitive information or total control over data accessible through the Oracle Enterprise Manager for Fusion Middleware. Such breaches pose a significant risk to organizations relying on Oracle's solutions for their enterprise operations.",Oracle,Oracle Enterprise Manager For Fusion Middleware,4.4,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-10-15T19:52:35.130Z,0
CVE-2024-21191,https://securityvulnerability.io/vulnerability/CVE-2024-21191,Exploitable Vulnerability in Oracle Enterprise Manager Fusion Middleware Control,"A vulnerability exists within the Oracle Enterprise Manager Fusion Middleware Control product, specifically in the FMW Control Plugin. This flaw enables a low-privileged attacker with network access via HTTP to initiate exploitation attempts, requiring human interaction from another individual to succeed. Despite being located in the Fusion Middleware Control, any successful exploitation could lead to unauthorized access to sensitive data or even total access to all data within the Oracle Enterprise Manager Fusion Middleware Control. Additionally, there may be unauthorized capabilities for updating, inserting, or deleting critical data, which could pose significant risks to other products in the ecosystem.",Oracle,Oracle Enterprise Manager Fusion Middleware Control,7.6,HIGH,0.00046999999904073775,false,false,false,false,,false,false,2024-10-15T19:52:34.801Z,0
CVE-2021-2134,https://securityvulnerability.io/vulnerability/CVE-2021-2134,,Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager (component: FMW Control Plugin). The supported version that is affected is 12.2.1.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Enterprise Manager for Fusion Middleware. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Enterprise Manager for Fusion Middleware. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).,Oracle,Enterprise Manager For Fusion Middleware,6.5,MEDIUM,0.000590000010561198,false,false,false,false,,false,false,2021-04-22T21:53:44.000Z,0
CVE-2021-2008,https://securityvulnerability.io/vulnerability/CVE-2021-2008,,"Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager (component: FMW Control Plugin). The supported version that is affected are 11.1.1.9 and 12.2.1.3 Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Enterprise Manager for Fusion Middleware. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Enterprise Manager for Fusion Middleware accessible data as well as unauthorized read access to a subset of Enterprise Manager for Fusion Middleware accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager for Fusion Middleware. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L).",Oracle,Enterprise Manager For Fusion Middleware,7.3,HIGH,0.0009399999980814755,false,false,false,false,,false,false,2021-04-22T21:53:43.000Z,0
CVE-2020-14607,https://securityvulnerability.io/vulnerability/CVE-2020-14607,,"Vulnerability in the Oracle Fusion Middleware MapViewer product of Oracle Fusion Middleware (component: Tile Server). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Fusion Middleware MapViewer. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Fusion Middleware MapViewer, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Fusion Middleware MapViewer accessible data as well as unauthorized read access to a subset of Oracle Fusion Middleware MapViewer accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Fusion Middleware Mapviewer,6.1,MEDIUM,0.0008299999753944576,false,false,false,false,,false,false,2020-07-15T17:34:29.000Z,0
CVE-2020-14608,https://securityvulnerability.io/vulnerability/CVE-2020-14608,,"Vulnerability in the Oracle Fusion Middleware MapViewer product of Oracle Fusion Middleware (component: Tile Server). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Fusion Middleware MapViewer. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Fusion Middleware MapViewer accessible data as well as unauthorized read access to a subset of Oracle Fusion Middleware MapViewer accessible data. CVSS 3.1 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N).",Oracle,Fusion Middleware Mapviewer,8.2,HIGH,0.0008900000248104334,false,false,false,false,,false,false,2020-07-15T17:34:29.000Z,0
CVE-2018-3108,https://securityvulnerability.io/vulnerability/CVE-2018-3108,,Vulnerability in the Oracle Fusion Middleware component of Oracle Fusion Middleware (subcomponent: Oracle Notification Service). Supported versions that are affected are 12.2.1.2 and 12.2.1.3. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle Fusion Middleware. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Fusion Middleware accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N).,Oracle,Fusion Middleware,6.5,MEDIUM,0.0007900000200606883,false,false,false,false,,false,false,2018-08-02T12:00:00.000Z,0
CVE-2018-3109,https://securityvulnerability.io/vulnerability/CVE-2018-3109,,Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware (subcomponent: Map Builder). Supported versions that are affected are 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Fusion Middleware MapViewer. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Fusion Middleware MapViewer accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).,Oracle,Fusion Middleware Mapviewer,6.5,MEDIUM,0.0007900000200606883,false,false,false,false,,false,false,2018-08-02T12:00:00.000Z,0
CVE-2018-2943,https://securityvulnerability.io/vulnerability/CVE-2018-2943,,"Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware (subcomponent: Map Builder). Supported versions that are affected are 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Fusion Middleware MapViewer. Successful attacks of this vulnerability can result in takeover of Oracle Fusion Middleware MapViewer. CVSS 3.0 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).",Oracle,Fusion Middleware Mapviewer,9.8,CRITICAL,0.004679999779909849,false,false,false,false,,false,false,2018-07-18T13:00:00.000Z,0
CVE-2017-3230,https://securityvulnerability.io/vulnerability/CVE-2017-3230,,"Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware (subcomponent: Map Builder). Supported versions that are affected are 11.1.1.9, 12.2.1.1 and 12.2.1.2. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Fusion Middleware MapViewer. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Fusion Middleware MapViewer accessible data as well as unauthorized read access to a subset of Oracle Fusion Middleware MapViewer accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Fusion Middleware MapViewer. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L).",Oracle,Fusion Middleware Mapviewer,8.6,HIGH,0.6307899951934814,false,false,false,false,,false,false,2017-04-24T19:00:00.000Z,0
CVE-2016-3496,https://securityvulnerability.io/vulnerability/CVE-2016-3496,,"Unspecified vulnerability in the Enterprise Manager for Fusion Middleware component in Oracle Enterprise Manager Grid Control 11.1.1.7, and 11.1.1.9 allows remote attackers to affect confidentiality via vectors related to SOA Topology Viewer.",Oracle,Enterprise Manager For Fusion Middleware,4.7,MEDIUM,0.0014400000218302011,false,false,false,false,,false,false,2016-07-21T10:00:00.000Z,0
CVE-2016-0470,https://securityvulnerability.io/vulnerability/CVE-2016-0470,,"Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to BI Publisher Security.",Oracle,Fusion Middleware,,,0.000859999970998615,false,false,false,false,,false,false,2016-01-21T02:00:00.000Z,0
CVE-2016-0464,https://securityvulnerability.io/vulnerability/CVE-2016-0464,,"Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via vectors related to WLS-Console.",Oracle,Fusion Middleware,,,0.0028899998869746923,false,false,false,false,,false,false,2016-01-21T02:00:00.000Z,0
CVE-2016-0439,https://securityvulnerability.io/vulnerability/CVE-2016-0439,,"Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0430.",Oracle,Fusion Middleware,,,0.0018100000452250242,false,false,false,false,,false,false,2016-01-21T02:00:00.000Z,0
CVE-2016-0433,https://securityvulnerability.io/vulnerability/CVE-2016-0433,,Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support.,Oracle,Fusion Middleware,,,0.0025100000202655792,false,false,false,false,,false,false,2016-01-21T02:00:00.000Z,0
CVE-2016-0432,https://securityvulnerability.io/vulnerability/CVE-2016-0432,,"Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2015-6015.",Oracle,Fusion Middleware,,,0.0006000000284984708,false,false,false,false,,false,false,2016-01-21T02:00:00.000Z,0
CVE-2016-0413,https://securityvulnerability.io/vulnerability/CVE-2016-0413,,Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.1.7 allows remote authenticated users to affect integrity via vectors related to Federation protocol support.,Oracle,Fusion Middleware,,,0.000859999970998615,false,false,false,false,,false,false,2016-01-21T02:00:00.000Z,0
CVE-2016-0453,https://securityvulnerability.io/vulnerability/CVE-2016-0453,,Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote attackers to affect integrity via unknown vectors related to Embedded Server.,Oracle,Fusion Middleware,,,0.0012499999720603228,false,false,false,false,,false,false,2016-01-21T02:00:00.000Z,0
CVE-2016-0430,https://securityvulnerability.io/vulnerability/CVE-2016-0430,,"Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0439.",Oracle,Fusion Middleware,,,0.0025100000202655792,false,false,false,false,,false,false,2016-01-21T02:00:00.000Z,0
CVE-2016-0401,https://securityvulnerability.io/vulnerability/CVE-2016-0401,,"Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0429.",Oracle,Fusion Middleware,,,0.001449999981559813,false,false,false,false,,false,false,2016-01-21T02:00:00.000Z,0
CVE-2016-0429,https://securityvulnerability.io/vulnerability/CVE-2016-0429,,"Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0401.",Oracle,Fusion Middleware,,,0.001449999981559813,false,false,false,false,,false,false,2016-01-21T02:00:00.000Z,0
CVE-2015-4808,https://securityvulnerability.io/vulnerability/CVE-2015-4808,,"Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via vectors related to Outside In Filters, a different vulnerability than CVE-2015-6013, CVE-2015-6014, CVE-2015-6015, and CVE-2016-0432.",Oracle,Fusion Middleware,,,0.0006000000284984708,false,false,false,false,,false,false,2016-01-21T02:00:00.000Z,0
CVE-2016-0441,https://securityvulnerability.io/vulnerability/CVE-2016-0441,,"Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Embedded Server.",Oracle,Fusion Middleware,,,0.0013800000306218863,false,false,false,false,,false,false,2016-01-21T02:00:00.000Z,0
CVE-2016-0404,https://securityvulnerability.io/vulnerability/CVE-2016-0404,,Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.2.2 allows remote attackers to affect integrity via vectors related to Admin.,Oracle,Fusion Middleware,,,0.001449999981559813,false,false,false,false,,false,false,2016-01-21T02:00:00.000Z,0
CVE-2015-4912,https://securityvulnerability.io/vulnerability/CVE-2015-4912,,Unspecified vulnerability in the Oracle Access Manager component in Oracle Fusion Middleware 11.1.2.2 and 11.1.2.3 allows remote attackers to affect confidentiality via vectors related to SSO Engine.,Oracle,Fusion Middleware,,,0.0018100000452250242,false,false,false,false,,false,false,2015-10-22T00:00:00.000Z,0