This page lists publicly disclosed CVE vulnerabilities affecting oracle jdeveloper (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2016-3504 | Unspecified vulnerability in the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to ADF Faces. | [email protected] | 9.8 | 3.47% | 2016-07-21 | 2026-06-16 |
| CVE-2008-2623 | Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.3 allows local users to affect confidentiality via unknown vectors. | [email protected] | 2.1 | 0.35% | 2009-01-13 | 2026-06-16 |
| CVE-2008-2588 | Unspecified vulnerability in the Oracle JDeveloper component in Oracle Application Server 10.1.2.2 allows local users to affect confidentiality via unknown vectors. | [email protected] | 2.1 | 0.35% | 2008-10-14 | 2026-06-16 |
| CVE-2005-2292 | Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 stores cleartext passwords in (1) IDEConnections.xml, (2) XSQLConfig.xml and (3) settings.xml, which allows local users to obtain sensitive information. | [email protected] | 2.1 | 0.87% | 2005-07-18 | 2026-06-16 |
| CVE-2005-2291 | Oracle JDeveloper 9.0.4, 9.0.5, and 10.1.2 passes the cleartext password as a parameter when starting sqlplus, which allows local users to gain sensitive information. | [email protected] | 4.6 | 0.51% | 2005-07-18 | 2026-06-16 |