Oracle: >> Jdeveloper Security Vulnerabilities
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to ADF Faces.
CVSS Score
9.8
EPSS Score
0.009
Published
2016-07-21
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors.
CVSS Score
2.1
EPSS Score
0.002
Published
2009-01-14
Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 allows local users to affect confidentiality via unknown vectors.
CVSS Score
2.1
EPSS Score
0.002
Published
2008-10-14
Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext password as a parameter when starting sqlplus, which allows local users to gain sensitive information.
CVSS Score
4.6
EPSS Score
0.008
Published
2005-07-18
Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in (1) IDEConnections.xml, (2) XSQLConfig.xml and (3) settings.xml, which allows local users to obtain sensitive information.
CVSS Score
2.1
EPSS Score
0.003
Published
2005-07-18
Page 3