Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:oracle:sql_developer:20.4.1.407.0006:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-21969 |
Vulnerability in Oracle SQL Developer (component: Installation). Supported versions that are affected are Prior to 23.1.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle SQL Developer executes to compromise Oracle SQL Developer. Successful attacks of this vulnerability can result in takeover of Oracle SQL Developer. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). Published: April 18, 2023; 4:15:16 PM -0400 |
V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2021-45105 |
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue was fixed in Log4j 2.17.0, 2.12.3, and 2.3.1. Published: December 18, 2021; 7:15:07 AM -0500 |
V3.1: 5.9 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2020-13956 |
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. Published: December 02, 2020; 12:15:14 PM -0500 |
V3.1: 5.3 MEDIUM V2.0: 5.0 MEDIUM |