45 matches found
EUVD-2014-4196
Malware in sbrugna...
VulnCheck KEV: CVE-2019-2618
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...
Oracle Fusion Middleware Unspecified Vulnerability
Oracle Fusion Middleware contains an unspecified vulnerability in the WLS Core Components that allows an unauthenticated attacker with network access via IIOP to compromise the WebLogic Server...
Oracle WebLogic Server Multiple Vulnerabilities (Jan 2020 CPU)
The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - An unspecified vulnerability in the Third Party Tools Bouncy Castle Java Library component of Oracle WebLogic Server. An unauthenticated attacker with network access via HTTPS could explo...
CVE-2020-2550
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: WLS Core Components. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with logon to the...
Design/Logic Flaw
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: WLS Core Components. The supported version that is affected is 10.3.6.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server...
CVE-2020-2548
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: WLS Core Components. The supported version that is affected is 10.3.6.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server...
CVE-2020-2551
CVE-2020-2551 affects Oracle WebLogic Server (WLS Core Components) on versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. The issue is a deserialization vulnerability in the IIOP protocol that allows an unauthenticated, network-remote attacker to take over the WebLogic Server. The CVSS 3....
CVE-2020-2549
CVE-2020-2549 affects Oracle WebLogic Server (WLS Core Components), with the affected version 10.3.6.0.0. The vulnerability allows a high-privilege attacker with network access via HTTP to compromise the server, potentially taking over Oracle WebLogic Server. CVSS 3.0 base score is 7.2 (HIGH) wit...
Oracle WebLogic Server Multiple Remote Security Vulnerabilities
Description Oracle WebLogic Server is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over 'HTTP' protocol. The 'WLS Core Components' is affected. These vulnerabilities affect the following supported versions: 10.3.6.0.0 Technologies Affected Oracle...
Oracle WebLogic Server Multiple Remote Security Vulnerabilities
Description Oracle WebLogic Server is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over multiple protocols. The 'WLS Core Components' and 'Application Container - JavaEE' components are affected. These vulnerabilities affect the following supported...
Oracle WebLogic Server CVE-2020-2550 Local Security Vulnerability
Description Oracle WebLogic Server is prone to a local security vulnerability. The 'WLS Core Components' component is affected. This vulnerability affects the following supported versions: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 Technologies Affected Oracle Weblogic Server 10.3.6.0.0 Oracl...
Oracle WebLogic Server Multiple Remote Security Vulnerabilities
Description Oracle WebLogic Server is prone to multiple remote security vulnerabilities. These vulnerabilities can be exploited over multiple protocols. The 'WLS Core Components' and 'Console' components are affected. These vulnerabilities affect the following supported versions: 10.3.6.0.0,...
PT-2020-1525 · Oracle · Oracle Weblogic Server
Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server version 10.3.6.0.0 Description: The issue is related to insufficient access control in the WLS Core Components of Oracle WebLogic Server, allowing a high-privileged attacker with network access via HTTP to compromise th...
CVE-2019-2824
CVE-2019-2824 affects Oracle WebLogic Server (WLS Core Components). Vulnerable on Oracle Fusion Middleware versions 10.3.6.0.0, 12.1.3.0.0, and 12.2.1.3.0. The issue allows a high-privilege attacker with network access via HTTP to compromise WebLogic Server, potentially yielding unauthorized data...
CVE-2019-2645
CVE-2019-2645 affects Oracle WebLogic Server (WLS Core Components). Affected versions are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. The underlying issue allows an unauthenticated attacker with network access via T3 to compromise WebLogic Server, potentially taking over the server. CVSS v3.0 base sco...
CVE-2019-2618
CVE-2019-2618 affects Oracle WebLogic Server (WLS Core Components) in Oracle Fusion Middleware. Affected versions: 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0. The issue is a directory traversal/file-upload flaw that can permit a high-privileged, unauthenticated or authenticated attacker over HTTP to writ...
CVE-2019-2615
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to...
CVE-2019-2568
CVE-2019-2568 affects Oracle WebLogic Server (WLS Core Components) and is applicable to WebLogic versions 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. The issue is a network-accessible vulnerability that allows a low-privilege, unauthenticated or low-privilege attacker with HTTP access to compromise th...
Oracle WebLogic Server high-risk security vulnerability alerts-a vulnerability alert-the black bar safety net
2019 04 May 17, 360CERT detection to the Oracle in 4 December 17 release of the security Bulletin. The security Bulletin disclosed the WebLogic Server there are multiple high-risk vulnerabilities that affect multiple WebLogic components. 360CERT it is determined that the security updates for...