238 matches found
CVE-2023-21838
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle...
CVE-2023-21837
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle...
CVE-2020-6282
SAP NetWeaver AS JAVA IIOP service SERVERCORE, versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, and SAP NetWeaver AS JAVA IIOP service CORE-TOOLS, versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker to send a crafted request from a vulnerable web application. It is usually use...
CVE-2011-1313
Double free vulnerability in IBM WebSphere Application Server WAS 6.1.0.x before 6.1.0.35 and 7.x before 7.0.0.15 allows remote backend IIOP servers to cause a denial of service S0C4 ABEND and storage corruption by rejecting IIOP requests at opportunistic time instants, as demonstrated by request...
IIOP Deserialization Remote Code Execution Vulnerability in Kingdee Apusic Application Server of Kingdee Software (China) Co.
Kingdee Apusic Application Server AAS is an enterprise-level middleware, which fully supports JakartaEE specification, provides Web, EJB, WebService containers, and adapts to domestic hardware and software, and is used to support the operation of enterprise-level applications. A remote code...
CVE-2020-2963
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Services. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via IIOP, T3 to...
The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, allows attackers to disclose protected information.
The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to disclose sensitive information using the T3/IIOP protocol...
PT-2025-4257
The vulnerable software is Oracle WebLogic Server, specifically the Core component of Oracle Fusion Middleware. The affected versions are 12.2.1.4.0 and 14.1.1.0.0. This issue allows an unauthenticated attacker to remotely compromise a WebLogic server via T3 or IIOP protocols, potentially leading...
Oracle WebLogic Server Unspecified Vulnerability
Oracle WebLogic Server, a product within the Fusion Middleware suite, contains an unspecified vulnerability exploitable by an unauthenticated attacker with network access via IIOP or T3...
PT-2024-6823
Name of the Vulnerable Software and Affected Versions Oracle WebLogic Server versions 12.2.1.4.0 and 14.1.1.0.0 Description The issue is related to a vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware, specifically in the Core component. This vulnerability allows an...
PT-2024-6926 · Oracle · Oracle Weblogic Server
Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 12.2.1.4.0 through 12.2.1.4.0 Oracle WebLogic Server versions 14.1.1.0.0 through 14.1.1.0.0 Description: The issue is related to insufficient input validation in the Core component of Oracle WebLogic Server. Th...
Oracle WebLogic Server Remote Code Execution Vulnerability
Oracle WebLogic Server, a product within the Fusion Middleware suite, contains a deserialization vulnerability. Unauthenticated attackers with network access via T3 or IIOP can exploit this vulnerability to achieve remote code execution...
Oracle WebLogic Server (July 2024 CPU)
The 12.2.1.4.0 and 14.1.1.0.0 versions of WebLogic Server installed on the remote host are affected by multiple vulnerabilities as referenced in the July 2024 CPU advisory: - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that a...
CVE-2024-21182
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic...
CVE-2024-21182
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic...
PT-2024-5587 · Oracle · Oracle Weblogic Server
Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 12.2.1.4.0 through 14.1.1.0.0 Description: The issue is related to insufficient input validation in the Core component of Oracle WebLogic Server, allowing an unauthenticated attacker with network access via T3 ...
PT-2023-9842
Name of the Vulnerable Software and Affected Versions Oracle WebLogic Server version 12.2.1.4.0 Oracle WebLogic Server version 14.1.1.0.0 Description A flaw in the Core component of Oracle WebLogic Server, part of Oracle Fusion Middleware, is caused by insufficient input validation and a...
PT-2023-9637 · Oracle · Oracle Weblogic Server
Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 12.2.1.4.0 through 14.1.1.0.0 Description: The issue is related to insufficient protection of internal data in the Oracle WebLogic Server Core component. This can be exploited by a remote attacker to gain...
Oracle Fusion Middleware Unspecified Vulnerability
Oracle Fusion Middleware contains an unspecified vulnerability in the WLS Core Components that allows an unauthenticated attacker with network access via IIOP to compromise the WebLogic Server...
The vulnerability of the Core server component of Oracle WebLogic Server allows a hacker to execute arbitrary code.
The vulnerability of the Core server component of Oracle WebLogic Server is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely by injecting specially crafted messages via T3 and IIOP protocols...