Lucene search
K

179 matches found

Positive Technologies
Positive Technologies
added 2022/01/18 12:0 a.m.8 views

PT-2022-2100

Name of the Vulnerable Software and Affected Versions Oracle WebLogic Server versions 12.1.3.0.0 through 14.1.1.0.0 Description The issue is related to the Web Container component of Oracle WebLogic Server, which has a vulnerability that allows an unauthenticated attacker with network access via...

7.8CVSS6.8AI score0.92331EPSS
Exploits6References20
CNNVD
CNNVD
added 2022/01/18 12:0 a.m.4 views

Oracle WebLogic Server 输入验证错误漏洞

Oracle WebLogic Server is an Oracle application services middleware for cloud and traditional environments that provides a modern, lightweight development platform that supports application lifecycle management from development to production and simplifies application deployment and management. A...

6.1CVSS7AI score0.00946EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/01/18 12:0 a.m.13 views

Oracle WebLogic Server 路径遍历漏洞

Oracle WebLogic Server is an application services middleware from Oracle for cloud and traditional environments that provides a modern, lightweight development platform that supports full lifecycle management of applications from development to production and simplifies application deployment and...

7.5CVSS5.6AI score0.92331EPSS
Exploits6References8
BDU FSTEC
BDU FSTEC
added 2020/08/14 12:0 a.m.6 views

The vulnerability of the Web Container server’s sub-component in Oracle WebLogic Server, a software platform of Oracle Fusion Middleware, is related to insufficient validation of input data. This vulnerability allows an attacker to gain unauthorized access to protected information or to read, modify, add, or delete data.

The vulnerability of the Web Container sub-component of the Oracle WebLogic Server application server, a software platform of Oracle Fusion Middleware, is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorize...

7.1CVSS6.9AI score0.0132EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/08/12 12:0 a.m.8 views

The vulnerability of the Web Container server component of Oracle WebLogic Server allows a attacker to cause a service failure.

The vulnerability of the Web Container component of Oracle WebLogic Server applications is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service interruptions remotely...

7.8CVSS7.2AI score0.0193EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/08/12 12:0 a.m.5 views

The vulnerability of the Web Container component of the Oracle WebLogic Server application server allows a perpetrator to gain unauthorized access to protected information or to modify, add, or delete data.

The vulnerability of the Web Container server component of Oracle WebLogic Server is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or to modify, add, or delete data...

8.5CVSS7.5AI score0.01594EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/07/16 12:0 a.m.3 views

Unspecified Vulnerability in Oracle Fusion Middleware WebLogic Server Web Container

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...

8.2CVSS9AI score0.01594EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/07/15 5:34 p.m.11 views

CVE-2020-14588

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Container. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access vi...

8.2CVSS6.6AI score0.01594EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/07/15 5:34 p.m.18 views

CVE-2020-14557

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Container. Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to...

6.8CVSS7.4AI score0.0132EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/07/15 5:34 p.m.8 views

CVE-2020-14557

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Container. Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to...

6.8CVSS6.6AI score0.0132EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2020/06/02 12:0 a.m.3 views

The vulnerability of the Web Container component of the Oracle WebLogic Server application server allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the Web Container server component of Oracle WebLogic Server is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information using the HTTP network protocol...

8.5CVSS7.4AI score0.01336EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/04/15 2:15 p.m.3 views

CVE-2020-2867

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Container. Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

8.2CVSS7.3AI score0.01336EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/15 12:0 a.m.4 views

Oracle WebLogic Server Unauthorized Access Vulnerability (CNVD-2020-27999)

Oracle Fusion Middleware, the digital business platform for enterprise and cloud computing, is a comprehensive middleware product family, and Oracle WebLogic Server is a cloud-native, enterprise-grade Java platform application server for multi-tier distributed enterprise application development a...

8.2CVSS8.5AI score0.01336EPSS
Exploits0References1
CNVD
CNVD
added 2020/01/15 12:0 a.m.3 views

Unspecified Vulnerability in Oracle WebLogic Server (CNVD-2020-08167)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...

6.5CVSS8AI score0.10124EPSS
Exploits0References1
OSV
OSV
added 2019/09/10 5:15 p.m.5 views

CVE-2019-0355

SAP NetWeaver Application Server Java Web Container, ENGINEAPI before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 and SAP-JEECOR before versions 6.40, 7.0, 7.01, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the...

7.2CVSS7.1AI score0.01562EPSS
Exploits0References2
NVD
NVD
added 2019/09/10 5:15 p.m.21 views

CVE-2019-0355

SAP NetWeaver Application Server Java Web Container, ENGINEAPI before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 and SAP-JEECOR before versions 6.40, 7.0, 7.01, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the...

7.2CVSS7AI score0.01562EPSS
Exploits0References2
Prion
Prion
added 2019/09/10 5:15 p.m.28 views

Authentication flaw

SAP NetWeaver Application Server Java Web Container, ENGINEAPI before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 and SAP-JEECOR before versions 6.40, 7.0, 7.01, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the...

6.5CVSS7AI score0.01562EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/09/10 4:7 p.m.19 views

CVE-2019-0355

SAP NetWeaver Application Server Java Web Container, ENGINEAPI before versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50 and SAP-JEECOR before versions 6.40, 7.0, 7.01, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the...

7AI score0.01562EPSS
Exploits0References2
CVE
CVE
added 2019/09/10 4:7 p.m.87 views

CVE-2019-0355

SAP NetWeaver Application Server Java Web Container and SAP-JEECOR components are affected by CVE-2019-0355. The issue enables an attacker to inject code that the application executes, potentially allowing control over the application’s behavior. Affected products/components: ENGINEAPI before ver...

7.2CVSS7AI score0.01562EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2019/07/10 8:15 p.m.5 views

CVE-2019-0327

SAP NetWeaver for Java Application Server - Web Container, engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5, servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5, allows an attacker to upload files including script files without proper file format validation...

7.2CVSS7.1AI score0.02098EPSS
Exploits0References3
Rows per page
Query Builder