Lucene search
K

108 matches found

OSV
OSV
added 2023/04/18 8:15 p.m.6 views

CVE-2023-21931

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogi...

7.5CVSS7.1AI score0.82262EPSS
Exploits3References2
Positive Technologies
Positive Technologies
added 2023/04/18 12:0 a.m.7 views

PT-2023-2556 · Oracle · Oracle Weblogic Server

Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 12.2.1.3.0 through 12.2.1.4.0 Oracle WebLogic Server version 14.1.1.0.0 Description: The issue allows an unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server, resulting in...

7.8CVSS8.8AI score0.00634EPSS
Exploits0References6
SUSE CVE
SUSE CVE
added 2023/02/15 5:17 a.m.9 views

SUSE CVE-2015-4852

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

9.8CVSS7.6AI score0.96032EPSS
Exploits17References6
CNVD
CNVD
added 2023/01/18 12:0 a.m.41 views

Oracle WebLogic Server Remote Code Execution Vulnerability (CNVD-2023-04389)

Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...

7.5CVSS3AI score0.99811EPSS
Exploits10References1
CNNVD
CNNVD
added 2023/01/18 12:0 a.m.6 views

Oracle WebLogic Server 安全漏洞

Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...

7.5CVSS9.3AI score0.99811EPSS
Exploits10References4
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.5 views

PT-2023-1309 · Oracle · Oracle Weblogic Server

Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 12.2.1.3.0 through 12.2.1.4.0 Oracle WebLogic Server version 14.1.1.0.0 Description: The issue is related to insufficient input validation in the Core component of Oracle WebLogic Server, allowing an...

7.8CVSS8.8AI score0.00857EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2023/01/17 12:0 a.m.7 views

PT-2023-1295

Name of the Vulnerable Software and Affected Versions Oracle WebLogic Server versions 12.2.1.3.0 through 12.2.1.4.0 Oracle WebLogic Server version 14.1.1.0.0 Description The issue is related to insufficient input validation in the Core component of Oracle WebLogic Server, allowing an...

7.8CVSS7.4AI score0.99811EPSS
Exploits10References54
BDU FSTEC
BDU FSTEC
added 2022/08/18 12:0 a.m.5 views

The vulnerability of the Core server component of Oracle WebLogic Server allows a hacker to gain access to modify, add, or delete data, or cause partial service disruption.

The vulnerability of the Core server component of Oracle WebLogic Server exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to remotely gain access to modify, add, or delete data, or cause a partial service outage using the IIOP and T3...

6.5CVSS6.5AI score0.00729EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/07/19 10:15 p.m.3 views

CVE-2022-21560

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle...

5.3CVSS6.3AI score0.0088EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2022/06/23 12:0 a.m.7 views

The vulnerability of the Core component of the Oracle Coherence data processing software allows a hacker to cause the device to freeze or experience service failure.

The vulnerability of the Core component of the Oracle Coherence data processing software exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor to cause the device to become unresponsive or to fail in service through the specially crafted T3...

7.8CVSS7.5AI score0.01174EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/15 12:0 a.m.8 views

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, allows a perpetrator to cause service interruptions.

The vulnerability of the Core server component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions using the T3 network protocol...

7.8CVSS7.7AI score0.01834EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/06/09 12:0 a.m.7 views

The vulnerability of the Security sub-component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, allows an attacker to execute arbitrary code and gain full control over the application through network traffic using the T3 protocol.

The vulnerability of the Security sub-component of Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code and gain full control over...

10CVSS8.4AI score0.01845EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2022/04/19 9:15 p.m.5 views

CVE-2022-21420

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence...

9.8CVSS6.9AI score0.01445EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/11 12:0 a.m.7 views

The vulnerability of the Core server component of Oracle WebLogic Server allows a perpetrator to gain unauthorized access to read, modify, or delete data, or to cause a service failure.

The vulnerability of the Core server component of Oracle WebLogic Server is related to insufficient validation of input data. Exploiting this vulnerability may allow an attacker, operating remotely, to gain unauthorized access to read, modify, or delete data, or to cause a service failure using t...

6.5CVSS6.8AI score0.01222EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2022/01/19 12:15 p.m.3 views

CVE-2022-21353

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogi...

6.5CVSS6.7AI score0.01222EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2022/01/18 12:0 a.m.5 views

PT-2022-2151 · Oracle · Oracle Weblogic Server

Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 12.1.3.0.0 through 14.1.1.0.0 Description: The issue is related to insufficient input validation in the Core component of Oracle WebLogic Server, allowing an unauthenticated attacker with network access via the...

10CVSS7AI score0.04141EPSS
Exploits0References7
CNNVD
CNNVD
added 2021/10/19 12:0 a.m.4 views

Oracle Fusion Middleware和Oracle WebLogic Server 输入验证错误漏洞

Oracle Fusion Middleware Oracle Fusion Middleware and Oracle WebLogic Server are both products of Oracle Corporation.Oracle Fusion Middleware is a business innovation platform for enterprise and cloud environments. The platform provides middleware, software collections, etc. Oracle WebLogic Serve...

7.5CVSS7.7AI score0.01446EPSS
Exploits0References5
OSV
OSV
added 2021/07/21 3:16 p.m.4 views

CVE-2021-2428

Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise...

8.1CVSS5.8AI score0.01561EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2021/04/22 12:0 a.m.26 views

Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Oracle WebLogic Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the T3 protocol. Crafted data in a T3 protocol message can...

4.9CVSS1.6AI score0.02408EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2021/04/22 12:0 a.m.35 views

Oracle Business Intelligence T3 Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle Business Intelligence. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the T3 protocol. Crafted data in a T3 protocol message can...

9.8CVSS4.4AI score0.05667EPSS
Exploits1References1
Rows per page
Query Builder