cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-20992,https://securityvulnerability.io/vulnerability/CVE-2024-20992,Content Integration Vulnerability in Oracle WebCenter Portal by Oracle,"A vulnerability has been identified in Oracle WebCenter Portal, a part of Oracle Fusion Middleware, specifically within its Content Integration component. This issue could be exploited by low-privileged attackers with network access via HTTP, requiring human interaction from a third party for successful exploitation. Although primarily affecting Oracle WebCenter Portal, the implications of this vulnerability could expand its impact to additional connected products. Successful attacks may lead to unauthorized updates, inserts, or deletions of accessible data within the Oracle WebCenter Portal, as well as unauthorized read access to sensitive data subsets.",Oracle,Webcenter Portal,4.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2020-14611,https://securityvulnerability.io/vulnerability/CVE-2020-14611,Unauthenticated Access Vulnerability in Oracle WebCenter Portal from Oracle,"A vulnerability in Oracle WebCenter Portal allows an unauthenticated attacker with network access via HTTP to manipulate critical data within the system. This flaw can lead to unauthorized creation, deletion, or modification of data, as well as unauthorized reading of sensitive information. Additionally, attackers can potentially cause a partial denial of service, affecting the availability of Oracle WebCenter Portal for legitimate users. It is essential for organizations using affected versions to apply security updates to mitigate these risks.",Oracle,Webcenter Portal,8.6,HIGH,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-07-15T17:34:30.000Z,0
CVE-2020-14552,https://securityvulnerability.io/vulnerability/CVE-2020-14552,Vulnerability in Oracle WebCenter Portal Security Framework,"A security vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware allows low-privileged attackers with HTTP access to potentially compromise the system. While the vulnerability primarily affects Oracle WebCenter Portal versions 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0, successful exploitations could lead to unauthorized access to sensitive data, significantly impacting related products. Attacks necessitate human interaction from a non-attacker, heightening the importance of user awareness in maintaining security.",Oracle,Webcenter Portal,6.8,MEDIUM,0.0006399999838322401,false,,false,false,false,,,false,false,,2020-07-15T17:34:26.000Z,0
CVE-2020-2555,https://securityvulnerability.io/vulnerability/CVE-2020-2555,Unauthenticated Remote Code Execution Vulnerability in Oracle Coherence by Oracle,"An exploitable vulnerability in the Oracle Coherence component of Oracle Fusion Middleware allows an unauthenticated attacker with network access via T3 to compromise various supported versions of the product. Successful exploitation can lead to complete takeover of the Oracle Coherence application, posing significant risks to confidentiality, integrity, and availability.",Oracle,"Webcenter Portal,Utilities Framework",9.8,CRITICAL,0.9713199734687805,true,2021-11-03T00:00:00.000Z,false,false,true,2021-11-03T00:00:00.000Z,true,false,false,,2020-01-15T16:34:00.000Z,0
CVE-2019-2427,https://securityvulnerability.io/vulnerability/CVE-2019-2427,,"Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). Supported versions that are affected are 11.1.1.9.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Portal. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebCenter Portal accessible data. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",Oracle,Webcenter Portal,5.3,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2018-3254,https://securityvulnerability.io/vulnerability/CVE-2018-3254,,Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). Supported versions that are affected are 11.1.1.9.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Portal. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Portal accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).,Oracle,Webcenter Portal,5.3,MEDIUM,0.0006000000284984708,false,,false,false,false,,,false,false,,2018-10-17T01:00:00.000Z,0
CVE-2018-3101,https://securityvulnerability.io/vulnerability/CVE-2018-3101,,"Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: Portlet Services). Supported versions that are affected are 11.1.1.9.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Portal. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle WebCenter Portal accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",Oracle,Webcenter Portal,5.3,MEDIUM,0.001129999989643693,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-2713,https://securityvulnerability.io/vulnerability/CVE-2018-2713,,"Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). Supported versions that are affected are 11.1.1.9.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Portal. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Portal, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle WebCenter Portal accessible data as well as unauthorized read access to a subset of Oracle WebCenter Portal accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N).",Oracle,Webcenter Portal,8.2,HIGH,0.001979999942705035,false,,false,false,false,,,false,false,,2018-01-18T02:00:00.000Z,0