cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-21192,https://securityvulnerability.io/vulnerability/CVE-2024-21192,Vulnerability in Oracle Fusion Middleware’s WebLogic Management Component,"A vulnerability exists in Oracle Enterprise Manager for Fusion Middleware, specifically within the WebLogic Management component. This flaw enables an attacker, who possesses login credentials, to exploit the system easily. It allows unauthorized access to sensitive information or total control over data accessible through the Oracle Enterprise Manager for Fusion Middleware. Such breaches pose a significant risk to organizations relying on Oracle's solutions for their enterprise operations.",Oracle,Oracle Enterprise Manager For Fusion Middleware,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-10-15T19:52:35.130Z,0
CVE-2024-21191,https://securityvulnerability.io/vulnerability/CVE-2024-21191,Exploitable Vulnerability in Oracle Enterprise Manager Fusion Middleware Control,"A vulnerability exists within the Oracle Enterprise Manager Fusion Middleware Control product, specifically in the FMW Control Plugin. This flaw enables a low-privileged attacker with network access via HTTP to initiate exploitation attempts, requiring human interaction from another individual to succeed. Despite being located in the Fusion Middleware Control, any successful exploitation could lead to unauthorized access to sensitive data or even total access to all data within the Oracle Enterprise Manager Fusion Middleware Control. Additionally, there may be unauthorized capabilities for updating, inserting, or deleting critical data, which could pose significant risks to other products in the ecosystem.",Oracle,Oracle Enterprise Manager Fusion Middleware Control,7.6,HIGH,0.00046999999904073775,false,,false,false,false,,,false,false,,2024-10-15T19:52:34.801Z,0
CVE-2021-2134,https://securityvulnerability.io/vulnerability/CVE-2021-2134,Remote Code Execution Vulnerability in Oracle Enterprise Manager,"A vulnerability in Oracle's Enterprise Manager for Fusion Middleware allows attackers with low privileges and network access to exploit the FMW Control Plugin. This can lead to unauthorized actions that may result in significant disruption, including a denial of service, causing the application to freeze or crash frequently.",Oracle,Enterprise Manager For Fusion Middleware,6.5,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2021-04-22T21:53:44.000Z,0
CVE-2021-2008,https://securityvulnerability.io/vulnerability/CVE-2021-2008,Exploitable Vulnerability in Oracle Enterprise Manager for Fusion Middleware,"A vulnerability exists in the Enterprise Manager for Fusion Middleware that enables an unauthenticated attacker to potentially compromise the system through HTTP access. This flaw allows attackers to gain unauthorized read, update, insert, or delete access to sensitive data. The vulnerability also opens the door to causing a partial denial of service, affecting the performance and availability of the Enterprise Manager application. Affected versions include 11.1.1.9 and 12.2.1.3, highlighting the necessity for users to apply the relevant security updates.",Oracle,Enterprise Manager For Fusion Middleware,7.3,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2021-04-22T21:53:43.000Z,0
CVE-2020-14607,https://securityvulnerability.io/vulnerability/CVE-2020-14607,Unrestricted Access Vulnerability in Oracle Fusion Middleware MapViewer,"The vulnerability in Oracle Fusion Middleware MapViewer allows an unauthenticated attacker to gain access to sensitive data via HTTP. Although exploitation requires human intervention from a victim, successful attacks can lead to unauthorized updates, insertions, or deletions of data, as well as possible unauthorized read access. This issue primarily affects the specified versions of the MapViewer but may have broader implications on related products due to the interconnected nature of Oracle's software suite.",Oracle,Fusion Middleware Mapviewer,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-07-15T17:34:29.000Z,0
CVE-2020-14608,https://securityvulnerability.io/vulnerability/CVE-2020-14608,Vulnerability in Oracle Fusion Middleware MapViewer Tile Server,"An improper access control vulnerability exists in the Oracle Fusion Middleware MapViewer's Tile Server component. This flaw allows an unauthenticated attacker with network access via HTTP to gain unauthorized access to critical functionalities. Exploiting this vulnerability can lead to unauthorized creation, deletion, or modification of data, along with unauthorized read access to sensitive datasets within the Oracle Fusion Middleware MapViewer. Administrators should apply security updates promptly to mitigate risks associated with this issue.",Oracle,Fusion Middleware Mapviewer,8.2,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-07-15T17:34:29.000Z,0
CVE-2018-3108,https://securityvulnerability.io/vulnerability/CVE-2018-3108,Oracle Fusion Middleware Vulnerability in Notification Service,"This vulnerability exists within Oracle Fusion Middleware’s Notification Service, affecting versions 12.2.1.2 and 12.2.1.3. It allows an attacker with low privileges and network access through HTTPS to exploit the system. A successful exploitation could grant unauthorized access to sensitive data, potentially compromising all accessible data within Oracle Fusion Middleware, posing significant risks for organizations relying on this platform.",Oracle,Fusion Middleware,6.5,MEDIUM,0.0007900000200606883,false,,false,false,false,,,false,false,,2018-08-02T12:00:00.000Z,0
CVE-2018-3109,https://securityvulnerability.io/vulnerability/CVE-2018-3109,Vulnerability in Oracle Fusion Middleware MapViewer Affects Multiple Versions,"This vulnerability in the Oracle Fusion Middleware MapViewer component allows a low-privileged attacker with network access via HTTP to compromise the system. Exploiting this flaw can lead to unauthorized access to sensitive data, potentially exposing all information accessible through the MapViewer interface. The risk of data breaches emphasizes the importance of applying security patches promptly to safeguard critical data.",Oracle,Fusion Middleware Mapviewer,6.5,MEDIUM,0.0007900000200606883,false,,false,false,false,,,false,false,,2018-08-02T12:00:00.000Z,0
CVE-2018-2943,https://securityvulnerability.io/vulnerability/CVE-2018-2943,Vulnerability in Oracle Fusion Middleware's MapViewer Component,"This vulnerability in Oracle Fusion Middleware's MapViewer component enables unauthenticated attackers with network access through HTTP to exploit weaknesses in the system. By leveraging this vulnerability, attackers can potentially compromise the functionality of Oracle Fusion Middleware's MapViewer, leading to severe implications such as unauthorized data access and system control. The vulnerability is present in supported versions 12.2.1.2.0 and 12.2.1.3.0.",Oracle,Fusion Middleware Mapviewer,9.8,CRITICAL,0.004679999779909849,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2017-3230,https://securityvulnerability.io/vulnerability/CVE-2017-3230,,"Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware (subcomponent: Map Builder). Supported versions that are affected are 11.1.1.9, 12.2.1.1 and 12.2.1.2. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Fusion Middleware MapViewer. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Fusion Middleware MapViewer accessible data as well as unauthorized read access to a subset of Oracle Fusion Middleware MapViewer accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Fusion Middleware MapViewer. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L).",Oracle,Fusion Middleware Mapviewer,8.6,HIGH,0.5590100288391113,false,,false,false,false,,,false,false,,2017-04-24T19:00:00.000Z,0
CVE-2016-3496,https://securityvulnerability.io/vulnerability/CVE-2016-3496,,"Unspecified vulnerability in the Enterprise Manager for Fusion Middleware component in Oracle Enterprise Manager Grid Control 11.1.1.7, and 11.1.1.9 allows remote attackers to affect confidentiality via vectors related to SOA Topology Viewer.",Oracle,Enterprise Manager For Fusion Middleware,4.7,MEDIUM,0.0014400000218302011,false,,false,false,false,,,false,false,,2016-07-21T10:00:00.000Z,0
CVE-2016-0464,https://securityvulnerability.io/vulnerability/CVE-2016-0464,,"Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via vectors related to WLS-Console.",Oracle,Fusion Middleware,,,0.0028899998869746923,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0413,https://securityvulnerability.io/vulnerability/CVE-2016-0413,,Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.1.7 allows remote authenticated users to affect integrity via vectors related to Federation protocol support.,Oracle,Fusion Middleware,,,0.000859999970998615,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0429,https://securityvulnerability.io/vulnerability/CVE-2016-0429,,"Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0401.",Oracle,Fusion Middleware,,,0.001449999981559813,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0439,https://securityvulnerability.io/vulnerability/CVE-2016-0439,,"Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0430.",Oracle,Fusion Middleware,,,0.0018100000452250242,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0433,https://securityvulnerability.io/vulnerability/CVE-2016-0433,,Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support.,Oracle,Fusion Middleware,,,0.0025100000202655792,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0453,https://securityvulnerability.io/vulnerability/CVE-2016-0453,,Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote attackers to affect integrity via unknown vectors related to Embedded Server.,Oracle,Fusion Middleware,,,0.0012499999720603228,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2015-4808,https://securityvulnerability.io/vulnerability/CVE-2015-4808,,"Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via vectors related to Outside In Filters, a different vulnerability than CVE-2015-6013, CVE-2015-6014, CVE-2015-6015, and CVE-2016-0432.",Oracle,Fusion Middleware,,,0.0006000000284984708,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0432,https://securityvulnerability.io/vulnerability/CVE-2016-0432,,"Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware 8.5.0, 8.5.1, and 8.5.2 allows local users to affect availability via unknown vectors related to Outside In Filters, a different vulnerability than CVE-2015-4808, CVE-2015-6013, CVE-2015-6014, and CVE-2015-6015.",Oracle,Fusion Middleware,,,0.0006000000284984708,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0401,https://securityvulnerability.io/vulnerability/CVE-2016-0401,,"Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect integrity via unknown vectors related to Scheduler, a different vulnerability than CVE-2016-0429.",Oracle,Fusion Middleware,,,0.001449999981559813,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0430,https://securityvulnerability.io/vulnerability/CVE-2016-0430,,"Unspecified vulnerability in the Web Cache component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality via vectors related to SSL support, a different vulnerability than CVE-2016-0439.",Oracle,Fusion Middleware,,,0.0025100000202655792,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0441,https://securityvulnerability.io/vulnerability/CVE-2016-0441,,"Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 3.1.2 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Embedded Server.",Oracle,Fusion Middleware,,,0.001509999972768128,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0470,https://securityvulnerability.io/vulnerability/CVE-2016-0470,,"Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to BI Publisher Security.",Oracle,Fusion Middleware,,,0.000859999970998615,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2016-0404,https://securityvulnerability.io/vulnerability/CVE-2016-0404,,Unspecified vulnerability in the Oracle Identity Federation component in Oracle Fusion Middleware 11.1.2.2 allows remote attackers to affect integrity via vectors related to Admin.,Oracle,Fusion Middleware,,,0.001449999981559813,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0
CVE-2015-4909,https://securityvulnerability.io/vulnerability/CVE-2015-4909,,"Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.4.0, 12.1.2.0.0, and 12.1.3.0.0 allows remote attackers to affect integrity via vectors related to ADF Faces.",Oracle,Fusion Middleware,,,0.0018100000452250242,false,,false,false,false,,,false,false,,2015-10-22T00:00:00.000Z,0