Lucene search
K

4089 matches found

Nuclei
Nuclei
added yesterday33 views

Oracle WebLogic Server - Remote Code Execution

Oracle WebLogic Server 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0 contains a remote code execution caused by unauthenticated access via T3, IIOP, letting attackers take over the server, exploit requires network access. id: CVE-2021-2135 info: name: Oracle WebLogic Server - Remote Code Execution author:...

9.8CVSS7.7AI score0.0837EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday242 views

Oracle WebLogic Server - Remote Code Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS - Web Services is susceptible to a remote code execution vulnerability that is easily exploitable and could allow unauthenticated attackers with network access via HTTP to compromise the server. Supported versions...

9.8CVSS7.8AI score0.50224EPSS
Exploits7References5
Nuclei
Nuclei
added yesterday78 views

JD Edwards EnterpriseOne Tools 9.2 - Information Disclosure

JD Edwards EnterpriseOne Tools 9.2 is susceptible to information disclosure via the Monitoring and Diagnostics component. An attacker with network access via HTTP can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the...

9.8CVSS7.2AI score0.18645EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday76 views

Oracle Weblogic - Server-Side Request Forgery

An unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services. id: CVE-2014-4210 info: name: Oracle Weblogic - Server-Side Request Forgery author:...

5CVSS7.3AI score0.38152EPSS
Exploits8References5
Nuclei
Nuclei
added yesterday62 views

Oracle Fusion Middleware Weblogic Server - Remote OS Command Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware Web Services versions 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1 and 12.2.1.2 is susceptible to a difficult to exploit vulnerability that could allow unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic...

7.4CVSS7.3AI score0.96281EPSS
Exploits9References5
Nuclei
Nuclei
added 5 days ago567 views

Javafaces LFI

An Unspecified vulnerability in the Oracle GlassFish Server component in Oracle Fusion Middleware 2.1.1, 3.0.1, and 3.1.2; the Oracle JDeveloper component in Oracle Fusion Middleware 11.1.2.3.0, 11.1.2.4.0, and 12.1.2.0.0; and the Oracle WebLogic Server component in Oracle Fusion Middleware...

5CVSS6AI score0.32441EPSS
Exploits0References5
Nuclei
Nuclei
added 6 days ago86 views

Oracle WebLogic Server Local File Inclusion

An easily exploitable local file inclusion vulnerability allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Successful attacks of this vulnerability can...

7.5CVSS6.8AI score0.92331EPSS
Exploits6References5
Nuclei
Nuclei
added 6 days ago49 views

Oracle Fusion Middleware WebLogic Server Administration Console - Remote Code Execution

The Oracle Fusion Middleware WebLogic Server admin console in versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 is vulnerable to an easily exploitable vulnerability that allows high privileged attackers with network access via HTTP to compromise Oracle WebLogic Server. id:...

9CVSS7.5AI score0.97929EPSS
Exploits8References5
Nuclei
Nuclei
added 2026/06/28 3:8 p.m.160 views

Oracle WebLogic Server Administration Console - Remote Code Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Services versions 0.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0 contain an easily exploitable vulnerability that allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. id:...

9.8CVSS7.6AI score0.8883EPSS
Exploits11References5
Nuclei
Nuclei
added 2026/06/26 6:13 p.m.117 views

Oracle WebLogic Server - Remote Command Execution

Oracle WebLogic Server 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0 is susceptible to remote code execution. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised machine without entering necessary credentials. See...

10CVSS7.9AI score0.99997EPSS
Exploits43References5
Nuclei
Nuclei
added 2026/06/25 1:31 a.m.188 views

Oracle WebLogic Server - Remote Command Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent - WLS Security is susceptible to remote command execution. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. This easily exploitable vulnerability allows unauthenticated attacke...

7.5CVSS7.5AI score0.99993EPSS
Exploits45References5
Nuclei
Nuclei
added 2026/06/25 1:31 a.m.172 views

Oracle WebLogic Server - Remote Code Execution

Oracle WebLogic Server Oracle Fusion Middleware component: WLS Core Components is susceptible to a remote code execution vulnerability. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 2.2.1.3.0 and 12.2.1.4.0. This easily exploitable vulnerability could allow unauthenticated...

9.8CVSS8.1AI score0.93168EPSS
Exploits18References5
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.6 views

Oracle WebLogic Server (June 2026 CSPU)

The 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0, and 15.1.1.0.0 versions of WebLogic Server installed on the remote host are affected by multiple vulnerabilities as referenced in the June 2026 CSPU advisory. - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core...

9.8CVSS6AI score0.00565EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.7 views

Oracle WebLogic Server Remote Takeover (June 2026 CSPU)

The 12.2.1.4.0 and 14.1.2.0.0 versions of WebLogic Server installed on the remote host are affected by a vulnerability as referenced in the June 2026 CSPU advisory. - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are...

8.8CVSS6AI score0.00402EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.8 views

Oracle WebLogic Server Multiple Vulnerabilities (June 2026 CSPU)

The 12.2.1.4.0 and 14.1.1.0.0 versions of WebLogic Server installed on the remote host are affected by multiple vulnerabilities as referenced in the June 2026 CSPU advisory. - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions th...

10CVSS6AI score0.00483EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/06/23 12:0 a.m.7 views

Oracle WebLogic Server Multiple Vulnerabilities (June 2026 CSPU) (14.1.2.0.0 / 15.1.1.0.0)

The 14.1.2.0.0 and 15.1.1.0.0 versions of WebLogic Server installed on the remote host are affected by multiple vulnerabilities as referenced in the June 2026 CSPU advisory. - Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions th...

10CVSS6AI score0.00483EPSS
Exploits0References8
NVD
NVD
added 2026/06/17 10:54 a.m.14 views

CVE-2026-46848

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where WebLogic Server executes to...

7.9CVSS0.00152EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:40 a.m.10 views

CVE-2026-35311

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise WebLogic Server. Successful...

8.8CVSS0.00402EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:40 a.m.10 views

CVE-2026-35301

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebLogic Server. While the...

10CVSS0.00483EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:40 a.m.9 views

CVE-2026-35300

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware component: Core. Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0, 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise WebLogic...

9.8CVSS0.00565EPSS
Exploits0References1
Rows per page
Query Builder