CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Container. Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracl...

5.7CVSS6AI score0.00159EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 5:5 a.m.•3 views

CVE-2019-2576

Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware subcomponent: Web Container. Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

5.3CVSS5.8AI score0.02116EPSS

Exploits0References1

Hacker One•added 2024/02/23 11:0 a.m.•125 views

Mars: CVE-2022-21371: Oracle WebLogic Server Local File Inclusion

A vulnerability was identified in Oracle WebLogic Server's Web Container component. Affected versions included ██████████, ██████████, ██████████, and ██████████. The vulnerability could be exploited by an unauthenticated attacker over HTTP, potentially leading to unauthorized access to critical...

7.5CVSS7.4AI score0.93419EPSS

Exploits6

NVD•added 2023/04/18 8:15 p.m.•18 views

CVE-2023-21956

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Container. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic...

6.1CVSS5.8AI score0.002EPSS

Exploits0References1

SUSE CVE•added 2023/02/15 5:48 a.m.•4 views

SUSE CVE-2012-0551

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect confidentiality and...

5.8CVSS6.5AI score0.29177EPSS

Exploits0References6

Positive Technologies•added 2023/01/17 12:0 a.m.•3 views

PT-2023-1308 · Oracle · Oracle Weblogic Server

Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 12.2.1.3.0 through 12.2.1.4.0 Oracle WebLogic Server version 14.1.1.0.0 Description: The issue is related to insufficient input validation in the Web Container component of Oracle WebLogic Server, allowing an...

7.8CVSS9AI score0.011EPSS

Exploits0References6

Tenable Nessus•added 2022/10/20 12:0 a.m.•46 views

Oracle WebLogic Server 14.1.1 < 14.1.1.0.221010 (Oct 2022 CPU)

The version of Oracle WebLogic Server installed on the remote host is missing a security patch from the October 2022 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities, including: - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware...

8.1CVSS6.9AI score0.04099EPSS

Exploits2References7

Prion•added 2022/10/18 9:15 p.m.•13 views

Design/Logic Flaw

3.4CVSS5.3AI score0.00045EPSS

Exploits0References1Affected Software1

VulnCheck KEV•added 2022/08/19 12:0 a.m.•0 views

VulnCheck KEV: CVE-2022-21371

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Container. Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP...

7.5CVSS6.9AI score0.93419EPSS

Exploits6References1