cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-21192,https://securityvulnerability.io/vulnerability/CVE-2024-21192,Vulnerability in Oracle Fusion Middleware’s WebLogic Management Component,"A vulnerability exists in Oracle Enterprise Manager for Fusion Middleware, specifically within the WebLogic Management component. This flaw enables an attacker, who possesses login credentials, to exploit the system easily. It allows unauthorized access to sensitive information or total control over data accessible through the Oracle Enterprise Manager for Fusion Middleware. Such breaches pose a significant risk to organizations relying on Oracle's solutions for their enterprise operations.",Oracle,Oracle Enterprise Manager For Fusion Middleware,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-15T19:52:35.130Z,0
CVE-2024-21191,https://securityvulnerability.io/vulnerability/CVE-2024-21191,Exploitable Vulnerability in Oracle Enterprise Manager Fusion Middleware Control,"A vulnerability exists within the Oracle Enterprise Manager Fusion Middleware Control product, specifically in the FMW Control Plugin. This flaw enables a low-privileged attacker with network access via HTTP to initiate exploitation attempts, requiring human interaction from another individual to succeed. Despite being located in the Fusion Middleware Control, any successful exploitation could lead to unauthorized access to sensitive data or even total access to all data within the Oracle Enterprise Manager Fusion Middleware Control. Additionally, there may be unauthorized capabilities for updating, inserting, or deleting critical data, which could pose significant risks to other products in the ecosystem.",Oracle,Oracle Enterprise Manager Fusion Middleware Control,7.6,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-10-15T19:52:34.801Z,0
CVE-2021-2134,https://securityvulnerability.io/vulnerability/CVE-2021-2134,Remote Code Execution Vulnerability in Oracle Enterprise Manager,"A vulnerability in Oracle's Enterprise Manager for Fusion Middleware allows attackers with low privileges and network access to exploit the FMW Control Plugin. This can lead to unauthorized actions that may result in significant disruption, including a denial of service, causing the application to freeze or crash frequently.",Oracle,Enterprise Manager For Fusion Middleware,6.5,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2021-04-22T21:53:44.000Z,0
CVE-2021-2008,https://securityvulnerability.io/vulnerability/CVE-2021-2008,Exploitable Vulnerability in Oracle Enterprise Manager for Fusion Middleware,"A vulnerability exists in the Enterprise Manager for Fusion Middleware that enables an unauthenticated attacker to potentially compromise the system through HTTP access. This flaw allows attackers to gain unauthorized read, update, insert, or delete access to sensitive data. The vulnerability also opens the door to causing a partial denial of service, affecting the performance and availability of the Enterprise Manager application. Affected versions include 11.1.1.9 and 12.2.1.3, highlighting the necessity for users to apply the relevant security updates.",Oracle,Enterprise Manager For Fusion Middleware,7.3,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2021-04-22T21:53:43.000Z,0
CVE-2020-14608,https://securityvulnerability.io/vulnerability/CVE-2020-14608,Vulnerability in Oracle Fusion Middleware MapViewer Tile Server,"An improper access control vulnerability exists in the Oracle Fusion Middleware MapViewer's Tile Server component. This flaw allows an unauthenticated attacker with network access via HTTP to gain unauthorized access to critical functionalities. Exploiting this vulnerability can lead to unauthorized creation, deletion, or modification of data, along with unauthorized read access to sensitive datasets within the Oracle Fusion Middleware MapViewer. Administrators should apply security updates promptly to mitigate risks associated with this issue.",Oracle,Fusion Middleware Mapviewer,8.2,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-07-15T17:34:29.000Z,0
CVE-2020-14607,https://securityvulnerability.io/vulnerability/CVE-2020-14607,Unrestricted Access Vulnerability in Oracle Fusion Middleware MapViewer,"The vulnerability in Oracle Fusion Middleware MapViewer allows an unauthenticated attacker to gain access to sensitive data via HTTP. Although exploitation requires human intervention from a victim, successful attacks can lead to unauthorized updates, insertions, or deletions of data, as well as possible unauthorized read access. This issue primarily affects the specified versions of the MapViewer but may have broader implications on related products due to the interconnected nature of Oracle's software suite.",Oracle,Fusion Middleware Mapviewer,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-07-15T17:34:29.000Z,0
CVE-2018-3108,https://securityvulnerability.io/vulnerability/CVE-2018-3108,,Vulnerability in the Oracle Fusion Middleware component of Oracle Fusion Middleware (subcomponent: Oracle Notification Service). Supported versions that are affected are 12.2.1.2 and 12.2.1.3. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle Fusion Middleware. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Fusion Middleware accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N).,Oracle,Fusion Middleware,6.5,MEDIUM,0.0007900000200606883,false,,false,false,false,,,false,false,,2018-08-02T12:00:00.000Z,0
CVE-2018-3109,https://securityvulnerability.io/vulnerability/CVE-2018-3109,,Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware (subcomponent: Map Builder). Supported versions that are affected are 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Fusion Middleware MapViewer. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Fusion Middleware MapViewer accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).,Oracle,Fusion Middleware Mapviewer,6.5,MEDIUM,0.0007900000200606883,false,,false,false,false,,,false,false,,2018-08-02T12:00:00.000Z,0
CVE-2018-2943,https://securityvulnerability.io/vulnerability/CVE-2018-2943,,"Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware (subcomponent: Map Builder). Supported versions that are affected are 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Fusion Middleware MapViewer. Successful attacks of this vulnerability can result in takeover of Oracle Fusion Middleware MapViewer. CVSS 3.0 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).",Oracle,Fusion Middleware Mapviewer,9.8,CRITICAL,0.004679999779909849,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2017-3230,https://securityvulnerability.io/vulnerability/CVE-2017-3230,,"Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware (subcomponent: Map Builder). Supported versions that are affected are 11.1.1.9, 12.2.1.1 and 12.2.1.2. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Fusion Middleware MapViewer. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Fusion Middleware MapViewer accessible data as well as unauthorized read access to a subset of Oracle Fusion Middleware MapViewer accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Fusion Middleware MapViewer. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L).",Oracle,Fusion Middleware Mapviewer,8.6,HIGH,0.5590100288391113,false,,false,false,false,,,false,false,,2017-04-24T19:00:00.000Z,0
CVE-2016-3496,https://securityvulnerability.io/vulnerability/CVE-2016-3496,,"Unspecified vulnerability in the Enterprise Manager for Fusion Middleware component in Oracle Enterprise Manager Grid Control 11.1.1.7, and 11.1.1.9 allows remote attackers to affect confidentiality via vectors related to SOA Topology Viewer.",Oracle,Enterprise Manager For Fusion Middleware,4.7,MEDIUM,0.0014400000218302011,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-0404,https://securityvulnerability.io/vulnerability/CVE-2016-0404,,Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.2.2 allows remote attackers to affect integrity via vectors related to Admin.,Oracle,Fusion Middleware,,,0.001449999981559813,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0441,https://securityvulnerability.io/vulnerability/CVE-2016-0441,,"Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Embedded Server.",Oracle,Fusion Middleware,,,0.001509999972768128,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0464,https://securityvulnerability.io/vulnerability/CVE-2016-0464,,"Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via vectors related to WLS-Console.",Oracle,Fusion Middleware,,,0.0028899998869746923,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2015-4808,https://securityvulnerability.io/vulnerability/CVE-2015-4808,,"Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via vectors related to Outside In Filters, a different vulnerability than CVE-2015-6013, CVE-2015-6014, CVE-2015-6015, and CVE-2016-0432.",Oracle,Fusion Middleware,,,0.0006000000284984708,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0470,https://securityvulnerability.io/vulnerability/CVE-2016-0470,,"Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to BI Publisher Security.",Oracle,Fusion Middleware,,,0.000859999970998615,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0401,https://securityvulnerability.io/vulnerability/CVE-2016-0401,,"Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0429.",Oracle,Fusion Middleware,,,0.001449999981559813,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0433,https://securityvulnerability.io/vulnerability/CVE-2016-0433,,Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support.,Oracle,Fusion Middleware,,,0.0025100000202655792,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0413,https://securityvulnerability.io/vulnerability/CVE-2016-0413,,Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.1.7 allows remote authenticated users to affect integrity via vectors related to Federation protocol support.,Oracle,Fusion Middleware,,,0.000859999970998615,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0453,https://securityvulnerability.io/vulnerability/CVE-2016-0453,,Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote attackers to affect integrity via unknown vectors related to Embedded Server.,Oracle,Fusion Middleware,,,0.0012499999720603228,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0432,https://securityvulnerability.io/vulnerability/CVE-2016-0432,,"Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2015-6015.",Oracle,Fusion Middleware,,,0.0006000000284984708,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0429,https://securityvulnerability.io/vulnerability/CVE-2016-0429,,"Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0401.",Oracle,Fusion Middleware,,,0.001449999981559813,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0430,https://securityvulnerability.io/vulnerability/CVE-2016-0430,,"Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0439.",Oracle,Fusion Middleware,,,0.0025100000202655792,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0439,https://securityvulnerability.io/vulnerability/CVE-2016-0439,,"Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0430.",Oracle,Fusion Middleware,,,0.0018100000452250242,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2015-4909,https://securityvulnerability.io/vulnerability/CVE-2015-4909,,"Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4.0, 12.1.2.0.0, and 12.1.3.0.0 allows remote attackers to affect integrity via vectors related to ADF Faces.",Oracle,Fusion Middleware,,,0.0018100000452250242,false,,false,false,false,,,false,false,,2015-10-22T00:00:00.000Z,0