2 matches found
Oracle WebLogic Server Multiple Vulnerabilities (January 2019 CPU)
The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read...
CVE-2019-2418
CVE-2019-2418 affects Oracle WebLogic Server (WLS Core Components). Affected versions are 10.3.6.0, 12.1.3.0 and 12.2.1.3. The vulnerability allows unauthenticated, network-based exploitation via the T3 protocol to compromise WebLogic Server, potentially leading to unauthorized update/insert/dele...