cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2018-2711,https://securityvulnerability.io/vulnerability/CVE-2018-2711,,"Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Security Framework). Supported versions that are affected are 11.1.1.2.4, 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle JDeveloper accessible data as well as unauthorized update, insert or delete access to some of Oracle JDeveloper accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N).",Oracle,Jdeveloper,8.2,HIGH,0.0014700000174343586,false,false,false,false,,false,false,2018-01-18T02:00:00.000Z,0
CVE-2017-10273,https://securityvulnerability.io/vulnerability/CVE-2017-10273,,"Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment). Supported versions that are affected are 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle JDeveloper executes to compromise Oracle JDeveloper. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle JDeveloper accessible data as well as unauthorized read access to a subset of Oracle JDeveloper accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle JDeveloper. CVSS 3.0 Base Score 4.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:C/C:L/I:L/A:L).",Oracle,Jdeveloper,4.7,MEDIUM,0.004370000213384628,false,false,false,false,,false,false,2018-01-18T02:00:00.000Z,0
CVE-2017-3255,https://securityvulnerability.io/vulnerability/CVE-2017-3255,,"Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: ADF Faces). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper. While the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle JDeveloper accessible data. CVSS v3.0 Base Score 5.8 (Confidentiality impacts).",Oracle,Jdeveloper,5.8,MEDIUM,0.0013500000350177288,false,false,false,false,,false,false,2017-01-27T22:01:00.000Z,0
CVE-2016-3504,https://securityvulnerability.io/vulnerability/CVE-2016-3504,,"Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to ADF Faces.",Oracle,Jdeveloper,9.8,CRITICAL,0.006949999835342169,false,false,false,false,,false,false,2016-07-21T10:00:00.000Z,0
CVE-2008-2623,https://securityvulnerability.io/vulnerability/CVE-2008-2623,,Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors.,Oracle,Jdeveloper,,,0.0012700000079348683,false,false,false,false,,false,false,2009-01-14T02:00:00.000Z,0
CVE-2008-2588,https://securityvulnerability.io/vulnerability/CVE-2008-2588,,Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 allows local users to affect confidentiality via unknown vectors.,Oracle,Jdeveloper,,,0.0006399999838322401,false,false,false,false,,false,false,2008-10-14T21:00:00.000Z,0
CVE-2005-2291,https://securityvulnerability.io/vulnerability/CVE-2005-2291,,"Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext password as a parameter when starting sqlplus, which allows local users to gain sensitive information.",Oracle,Jdeveloper,,,0.0008500000112690032,false,false,false,false,,false,false,2005-07-18T04:00:00.000Z,0
CVE-2005-2292,https://securityvulnerability.io/vulnerability/CVE-2005-2292,,"Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in (1) IDEConnections.xml, (2) XSQLConfig.xml and (3) settings.xml, which allows local users to obtain sensitive information.",Oracle,Jdeveloper,,,0.0006699999794363976,false,false,false,false,,false,false,2005-07-18T04:00:00.000Z,0