CVE-2026-35292

Vulnerability in the WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 14.1.2.0.0 and 15.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise WebLogic Server. While the...

PT-2026-49874

Name of the Vulnerable Software and Affected Versions Oracle Fusion Middleware WebLogic Server versions 12.2.1.4.0 Oracle Fusion Middleware WebLogic Server versions 14.1.1.0.0 Description An issue exists in the Console component of the WebLogic Server. A low privileged attacker with network acces...

Security Bulletin: IBM MQ is affected by a denial of service vulnerability in IBM WebSphere Application Server Liberty (CVE-2024-29371)

Summary IBM WebSphere Application Server Liberty is used by IBM MQ as part of the IBM MQ Console and IBM MQ REST API functionality CVE-2024-29371 Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j before 0.9.6, an attacker can cause a Denial-of-Service DoS condition by crafting a...

CVE-2021-2142

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Console. The supported version that is affected is 10.3.6.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful...

PT-2023-9557 · Oracle · Oracle Weblogic Server

Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 12.2.1.4.0 through 14.1.1.0.0 Description: The issue is related to the Console component of Oracle WebLogic Server, allowing an unauthenticated attacker with network access via HTTP to compromise the server...

The vulnerability of the Console component of InHand Networks’ InRouter302 microprogramming system lies in the ability to write data beyond the buffer in memory, allowing an attacker to execute arbitrary code.

The vulnerability of the Console component of InHand Networks’ InRouter302 microprogramming system lies in the writing of data beyond the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

CVE-2022-30572

The iWay Service Manager Console component of TIBCO Software Inc.'s TIBCO iWay Service Manager contains an easily exploitable Directory Traversal vulnerability that allows a low privileged attacker with network access to read arbitrary resources on the affected system. Affected releases are TIBCO...

Oracle WebLogic Server Unspecified Vulnerability

Oracle WebLogic Server contains an unspecified vulnerability in the Console component with high impacts to confidentilaity, integrity, and availability...

Oracle WebLogic Server 输入验证错误漏洞

Oracle WebLogic Server is a cloud-native, enterprise-grade Java platform application server for multi-tier distributed enterprise application development and deployment. A security vulnerability exists in the Console component of Oracle WebLogic Server version 10.3.6.0.0. An attacker could exploi...

The vulnerability of the Console component of the Oracle WebLogic Server application server allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the Console component of the Oracle WebLogic Server application server is related to errors in code generation management. Exploiting this vulnerability allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information through...

CVE-2020-14882 — Unauthenticated RCE in Console component of Oracle WebLogic Server

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP...

PT-2020-4570

Name of the Vulnerable Software and Affected Versions Oracle WebLogic Server versions 10.3.6.0.0 through 14.1.1.0.0 Description The issue is related to insufficient input validation in the Console component of Oracle WebLogic Server, allowing a remote attacker to gain full control over the...

CVE-2020-14883 — Authenticated RCE in Console component of Oracle WebLogic Server

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Console. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP...

Oracle Weblogic Server Remote Code Execution Vulnerability (CNVD-2020-29745)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of business innovation platforms for enterprise and cloud environments from Oracle. The platform provides middleware, software collection, etc. WebLogic Server is one of the application server components for cloud and traditional...

Unspecified Vulnerability in Oracle WebLogic Server (CNVD-2020-08164)

Oracle Fusion Middleware, the digital business platform for enterprise and cloud computing, is a comprehensive family of middleware products that enable organizations to create and run agile, intelligent business applications and maximize IT efficiencies by leveraging modern hardware and software...

Serviio Media Server - checkStreamUrl Command Execution (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule /Restlet-Framework/ include Msf::Exploit::Remote::HttpClient include Msf::Exploit::CmdStager def initializeinfo = superupdateinfoinfo, 'Name' =...

Serviio Media Server checkStreamUrl Command Execution

This module exploits an unauthenticated remote command execution vulnerability in the console component of Serviio Media Server versions 1.4 to 1.8 on Windows operating systems. The console service on port 23423 by default exposes a REST API which which does not require authentication. The 'actio...

PT-2017-1213

Name of the Vulnerable Software and Affected Versions Puppet Enterprise versions 2015.x through 2016.x before 2016.4.0 Description The issue is related to an open redirect vulnerability in the Console component. This vulnerability allows remote attackers to redirect users to arbitrary web sites b...

Vulnerability of WebLogic Server software, allowing a remote attacker to compromise protected information

The vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware allows malicious actors to compromise data integrity by exploiting a sub-component called Console...

Unspecified Vulnerability in Oracle Fusion Middleware WebLogic Server Component (CNVD-2016-02576)

Oracle Fusion Middleware Oracle Fusion Middleware is a set of Oracle's business innovation platform for enterprise and cloud environments, of which Oracle WebLogic Server is an application server component for both cloud and traditional environments. An unspecified vulnerability in the Console...