CVSS: 8.2EPSS: 1%CPEs: 5EXPL: 0CVE-2018-2711
https://notcve.org/view.php?id=CVE-2018-2711
18 Jan 2018 — Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Security Framework). Supported versions that are affected are 11.1.1.2.4, 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle JDeveloper, attacks may significantly impact... • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html •
CVSS: 4.7EPSS: 0%CPEs: 6EXPL: 2CVE-2017-10273 – Oracle JDeveloper 11.1.x/12.x - Directory Traversal
https://notcve.org/view.php?id=CVE-2017-10273
18 Jan 2018 — Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment). Supported versions that are affected are 11.1.1.7.0, 11.1.1.7.1, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 and 12.2.1.2.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle JDeveloper executes to compromise Oracle JDeveloper. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle J... • https://packetstorm.news/files/id/145966 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 5.8EPSS: 0%CPEs: 7EXPL: 0CVE-2017-3255
https://notcve.org/view.php?id=CVE-2017-3255
27 Jan 2017 — Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: ADF Faces). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper. While the vulnerability is in Oracle JDeveloper, attacks may significantly impact additional products. Successful attacks of this vulnerability can resul... • http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 2%CPEs: 5EXPL: 0CVE-2016-3504
https://notcve.org/view.php?id=CVE-2016-3504
21 Jul 2016 — Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to ADF Faces. Vulnerabilidad no especificada en el componente Oracle JDeveloper en Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0 y 12.2.1.0.0 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibilidad a ... • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •