2 matches found
Oracle WebLogic Server Multiple Vulnerabilities (January 2019 CPU)
The version of Oracle WebLogic Server installed on the remote host is affected by multiple vulnerabilities: - XML external entity XXE vulnerability in the SqlXmlUtil code in Apache Derby before 10.12.1.1, when a Java Security Manager is not in place, allows context-dependent attackers to read...
CVE-2019-2452
The CVE pertains to Oracle WebLogic Server (WLS Core Components) in Oracle Fusion Middleware. Affected versions are 10.3.6.0, 12.1.3.0, and 12.2.1.3. The vulnerability enables a high-privilege attacker with network access via HTTP to compromise WebLogic Server, potentially enabling unauthorized c...