2 matches found
Oracle WebLogic Server Multiple Vulnerabilities (January 2019 CPU)
The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read...
CVE-2019-2395
CVE-2019-2395 affects Oracle WebLogic Server (WLS – Web Services subcomponent) in Oracle Fusion Middleware, specifically the 10.3.6.0 release. The vulnerability is described as easily exploitable with network access via HTTP by a low-privilege attacker, potentially leading to unauthorized read ac...