Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

Positive Technologies
Positive Technologiesadded 2023/10/17 12:0 a.m.2 views

PT-2023-6206 · Oracle · Oracle Weblogic Server

Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server version 12.2.1.3.0 Description: The issue is related to insufficient input validation in the Core component of Oracle WebLogic Server, allowing an unauthenticated attacker with network access via T3, IIOP to compromise...

10CVSS8.9AI score0.00661EPSS
Exploits0References13
OSV
OSVadded 2021/01/20 3:15 p.m.0 views

CVE-2021-2108

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core Components. The supported version that is affected is 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server...

9.8CVSS7.3AI score
Exploits0References1
CNNVD
CNNVDadded 2021/01/19 12:0 a.m.2 views

Oracle Fusion Middleware Component Authorization Issues Vulnerability

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collections, and other capabilities.WebLogic Server is one of the application server components for both cloud...

9.8CVSS5.8AI score0.27775EPSS
Exploits0References3
OSV
OSVadded 2020/04/15 2:15 p.m.0 views

CVE-2020-2883

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to...

9.8CVSS7.5AI score0.94371EPSS
Exploits11References5
RedHat Linux
RedHat Linuxadded 2018/11/08 3:53 p.m.4 views

JBoss/WildFly: iiop does not honour strict transport confidentiality

The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when SSL transport is required. Servers before this version that are configured with the following setting allow clients to create plaintext connections:...

5.9CVSS5.8AI score0.00227EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2015/07/15 12:1 p.m.3 views

OpenJDK: IIOPInputStream type confusion vulnerability (CORBA, 8076376)

Unspecified vulnerability in Oracle Java SE 6u95, 7u80, and 8u45, and Java SE Embedded 7u75 and 8u33 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA...

10CVSS7AI score0.08661EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2014/01/27 7:54 p.m.3 views

OpenJDK: insufficient security checks in IIOP streams (CORBA, 8025767)

Unspecified vulnerability in Oracle Java SE 5.0u55, 6u65, and 7u45; Java SE Embedded 7u45; and OpenJDK 7 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to CORBA. NOTE: the previous information is from the January 2014 CPU. Oracle has not comment...

10CVSS6.4AI score0.0813EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2013/02/04 11:51 p.m.1 views

OpenJDK: IIOP type reuse sandbox bypass (CORBA, 8000540, SE-2012-01 Issue 50)

Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 through Update 11, 6 through Update 38, 5.0 through Update 38, and 1.4.240 and earlier, and OpenJDK 6 and 7, allows remote attackers to affect confidentiality, integrity, and availability via vectors relat...

10CVSS7.4AI score0.01185EPSS
Exploits0References5
Rows per page
Query Builder