EUVD-2026-35916

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...

CVE-2026-34315

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Services. Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2026-34315

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Services. Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

PT-2026-34129

Name of the Vulnerable Software and Affected Versions Oracle WebLogic Server version 12.2.1.4.0 Oracle WebLogic Server version 14.1.1.0.0 Oracle WebLogic Server version 14.1.2.0.0 Oracle WebLogic Server version 15.1.1.0.0 Description An issue in the Web Services component allows an unauthenticate...

CVE-2025-14559

A flaw was found in the keycloak-services component of Keycloak. This vulnerability allows the issuance of access and refresh tokens for disabled users, leading to unauthorized use of previously revoked privileges, via a business logic vulnerability in the Token Exchange implementation when a...

The vulnerability of the CoreServices component in macOS operating systems, which allows attackers to escalate their privileges.

The vulnerability of the CoreServices component in macOS operating systems is related to insecure management of privileges. Exploiting this vulnerability can allow a remote attacker to increase their privileges...

The vulnerability of the Web Services component of the Oracle Hyperion Data Relationship Management data management application allows a perpetrator to gain full control over the application.

The vulnerability of the Web Services component of the Oracle Hyperion Data Relationship Management data management application relates to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full control over the...

The vulnerability of the Web Services component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, allows attackers to trigger service failures.

The vulnerability of the Web Services component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures using the HTTP...

PT-2023-2480 · Oracle · Oracle Weblogic Server

Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 12.2.1.3.0 through 14.1.1.0.0 Description: The issue allows an unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks can result in the unauthorized abili...

Oracle Fusion Middleware和Oracle WebLogic Server 输入验证错误漏洞

Oracle Fusion Middleware Oracle Fusion Middleware and Oracle WebLogic Server are both products of Oracle Corporation.Oracle Fusion Middleware is a business innovation platform for enterprise and cloud environments. The platform provides middleware, software collections, etc. Oracle WebLogic Serve...

The vulnerability of the Web Services component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, allows attackers to cause service failures.

The vulnerability of the Web Services component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, is related to improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures using the T3...

CVE-2021-2211

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Services. Supported versions that are affected are 10.3.6.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via T3, IIOP ...

PT-2021-17500 · Unknown · Phpgurukul Beauty Parlour Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Beauty Parlour Management System version 1.0 Description: The issue allows remote attackers to execute arbitrary code by injecting arbitrary HTML into the sername parameter in the "add-services.php" component. This enables attacker...

PT-2021-1856 · Oracle · Oracle Weblogic Server

Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 10.3.6.0.0 through 12.1.3.0.0 Description: The issue is related to insufficient access control in the Web Services component of Oracle WebLogic Server, allowing an unauthenticated attacker with network access v...

The vulnerability of the Web Services component of the Oracle WebLogic Server application server allows a perpetrator to gain access to confidential information.

The vulnerability of the Web Services component of Oracle WebLogic Server servers exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to access confidential information using IIOP and T3 protocols...

The vulnerability of the Web Services sub-component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Web Services sub-component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain...

CVE-2019-2890

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Services. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via T3 to compromise Oracle...

Unspecified Vulnerability in Oracle WebLogic Server (CNVD-2019-36442)

Oracle WebLogic Server is a Java EE application server. An unspecified vulnerability exists in the Web Services component in Oracle WebLogic Server 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0. An attacker could exploit this vulnerability to compromise confidentiality...

The vulnerability of the WLS component – the Web Services server of the J2EE application servers from Oracle WebLogic Server – allows attackers to gain access to confidential information.

The vulnerability of the WLS component—the Web Services server for J2EE applications—in Oracle WebLogic Server is related to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to gain access to confidential information from a remote location...

Oracle WebLogic Server Component Information Disclosure Vulnerability (CNVD-2019-27108)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...