CVE-2021-2008

Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager component: FMW Control Plugin. The supported version that is affected are 11.1.1.9 and 12.2.1.3 Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

Oracle Business Intelligence Publisher Multiple Vulnerabilities (Apr 2020 CPU)

The version of Oracle Business Intelligence Publisher running on the remote host is 11.1.1.9.x prior to 11.1.1.9.200414 or 12.2.1.3.x prior to 12.2.1.3.200414 or 12.2.1.4.x prior to 12.2.1.4.200414. It is, therefore, affected by multiple vulnerabilities as noted in the April 2020 Critical Patch...

Oracle Reports Developer Component 12.2.1.3 - Cross-site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Cross-site Scripting XSS Exploit Author: Mohamed M.Fouad - From SecureMisr Company Vendor Homepage: https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Version: 12.2.1.3 REQUIRED Tested on: Windows 10 CV...

Oracle Reports Developer Component 12.2.1.3 - Cross-site Scripting

Oracle Reports Developer Component 12.2.1.3 - Cross-site Scripting Exploit Title: Cross-site Scripting XSS Date: 2019-01-15 Exploit Author: Mohamed M.Fouad - From SecureMisr Company Vendor Homepage: https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html Version: 12.2.1.3...

CVE-2019-2441

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Application Container - JavaEE. The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

CVE-2019-2413

Vulnerability in the Oracle Reports Developer component of Oracle Fusion Middleware subcomponent: Valid Session. The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Reports Developer...

CVE-2019-2414

Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware subcomponent: Web Listener. The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle HTTP Server executes to...

CVE-2019-2414

Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware subcomponent: Web Listener. The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle HTTP Server executes to...

CVE-2019-2398

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS - Deployment. Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

Buffer overflow

Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware subcomponent: Web Listener. The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle HTTP Server executes to...

Unspecified Vulnerability in Oracle WebLogic Server (CNVD-2019-27117)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collections, etc. WebLogic Server is one of the application server components for cloud and traditional...

Unspecified Vulnerability in Oracle WebLogic Server (CNVD-2019-27118)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...

Unspecified Vulnerability in Oracle WebLogic Server (CNVD-2019-27116)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...

CVE-2018-3252

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise...

Unspecified Vulnerability in Oracle WebLogic Server (CNVD-2018-24315)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...

Unspecified Vulnerability in Oracle WebLogic Server (CNVD-2018-24321)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...

Oracle Weblogic Server Deserialization RCE

An unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object to the interface to execute code on vulnerable hosts. This module requires Metasploit: https://metasploit.com/download Current source:...

CVE-2018-3108

Vulnerability in the Oracle Fusion Middleware component of Oracle Fusion Middleware subcomponent: Oracle Notification Service. Supported versions that are affected are 12.2.1.2 and 12.2.1.3. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTPS to...

CVE-2018-2933

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP t...

CVE-2018-2998

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: SAML. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Orac...