Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

360 matches found

Cvelist
Cvelistadded 2008/08/14 8:0 p.m.22 views

CVE-2008-2369

manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements...

9.3AI score0.00616EPSS
Exploits1References5
AlpineLinux
AlpineLinuxadded 2008/08/14 8:0 p.m.4 views

CVE-2008-2369

manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements...

9.1CVSS5.9AI score0.00616EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2008/08/13 2:17 p.m.5 views

Satellite: information disclosure via manzier.pxt RPC script

manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements...

9.1CVSS7.4AI score0.00616EPSS
Exploits1References4
Prion
Prionadded 2008/02/21 1:44 a.m.11 views

Design/Logic Flaw

Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can inadvertently remove entitlements for pages when an administrator edits the page definition label, which might allow remote attackers to bypass intended access restrictions...

5CVSS7.3AI score0.00383EPSS
Exploits0References4Affected Software1
NVD
NVDadded 2008/02/21 1:44 a.m.10 views

CVE-2008-0865

Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP6 allows remote attackers to bypass entitlements for instances of a floatable WLP portlet via unknown vectors...

5CVSS6.7AI score0.00383EPSS
Exploits0References4
NVD
NVDadded 2008/02/21 1:44 a.m.16 views

CVE-2008-0864

Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can inadvertently remove entitlements for pages when an administrator edits the page definition label, which might allow remote attackers to bypass intended access restrictions...

5CVSS6.7AI score0.00383EPSS
Exploits0References4
Prion
Prionadded 2008/02/21 1:44 a.m.11 views

Design/Logic Flaw

Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP6 allows remote attackers to bypass entitlements for instances of a floatable WLP portlet via unknown vectors...

5CVSS7.2AI score0.00383EPSS
Exploits0References4Affected Software1
CVE
CVEadded 2008/02/21 1:0 a.m.51 views

CVE-2008-0864

The CVE-2008-0864 entry concerns BEA WebLogic Portal 8.1 SP3–SP6, where the Admin Tools feature can inadvertently remove page entitlements when an administrator edits the page definition label. This could allow remote attackers to bypass intended access restrictions. The available connected docum...

5CVSS6.7AI score0.00383EPSS
Exploits0References4Affected Software2
Cvelist
Cvelistadded 2008/02/21 1:0 a.m.20 views

CVE-2008-0865

Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP6 allows remote attackers to bypass entitlements for instances of a floatable WLP portlet via unknown vectors...

6.7AI score0.00383EPSS
Exploits0References4
CVE
CVEadded 2008/02/21 1:0 a.m.37 views

CVE-2008-0865

BEA WebLogic Portal 8.1 through SP6 contains an unspecified vulnerability that allows remote attackers to bypass entitlements for instances of a floatable WLP portlet via unknown vectors. The available records do not specify the root cause, affected subcomponents, or a concrete exploit method. Th...

5CVSS6.7AI score0.00383EPSS
Exploits0References4Affected Software2
Cvelist
Cvelistadded 2007/05/16 1:0 a.m.18 views

CVE-2007-2703

BEA WebLogic Portal 9.2 GA can corrupt a visitor entitlements role if an administrator provides a long role description, which might allow remote authenticated users to access privileged resources...

6.2AI score0.00486EPSS
Exploits0References6
Prion
Prionadded 2007/01/23 12:28 a.m.15 views

Design/Logic Flaw

BEA WebLogic Portal 9.2, when running in a WebLogic Server clustered environment using WebLogic Portal entitlements, does not properly propagate entitlement policy changes if the changes are made on a managed server while the Administrative Server is unavailable, which might allow attackers to...

6.8CVSS6.7AI score0.00708EPSS
Exploits0References7Affected Software1
Prion
Prionadded 2007/01/23 12:28 a.m.12 views

Code injection

BEA WebLogic Portal 9.2 does not properly handle when an administrator deletes entitlements for a role, which causes other role entitlements to be "inadvertently affected," which has an unknown impact...

4.4CVSS7AI score0.00254EPSS
Exploits0References6Affected Software1
NVD
NVDadded 2007/01/23 12:28 a.m.12 views

CVE-2007-0423

BEA WebLogic Portal 9.2 does not properly handle when an administrator deletes entitlements for a role, which causes other role entitlements to be "inadvertently affected," which has an unknown impact...

4.4CVSS6.5AI score0.00254EPSS
Exploits0References6
CVE
CVEadded 2007/01/23 12:0 a.m.53 views

CVE-2007-0423

CVE-2007-0423 affects BEA WebLogic Portal 9.2. The issue arises when an administrator deletes entitlements for a role, which reportedly causes other entitlements to be inadvertently affected; the impact is described as unknown. No concrete root cause, vulnerability vector, exploit details, or rem...

4.4CVSS6.5AI score0.00254EPSS
Exploits0References6Affected Software1
Cvelist
Cvelistadded 2007/01/23 12:0 a.m.23 views

CVE-2007-0426

BEA WebLogic Portal 9.2, when running in a WebLogic Server clustered environment using WebLogic Portal entitlements, does not properly propagate entitlement policy changes if the changes are made on a managed server while the Administrative Server is unavailable, which might allow attackers to...

6.3AI score0.00708EPSS
Exploits0References7
CVE
CVEadded 2007/01/23 12:0 a.m.63 views

CVE-2007-0426

BEA WebLogic Portal 9.2 in a WebLogic Server clustered environment has a vulnerability where entitlement policy changes made on a managed server while the Administrative Server is unavailable may not propagate correctly, potentially allowing bypass of intended restrictions. The issue affects the ...

6.8CVSS6.4AI score0.00708EPSS
Exploits0References7Affected Software1
Cvelist
Cvelistadded 2007/01/23 12:0 a.m.15 views

CVE-2007-0423

BEA WebLogic Portal 9.2 does not properly handle when an administrator deletes entitlements for a role, which causes other role entitlements to be "inadvertently affected," which has an unknown impact...

6.5AI score0.00254EPSS
Exploits0References6
Cvelist
Cvelistadded 2005/08/23 4:0 a.m.19 views

CVE-2005-2680

Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP4, when using entitlements, allows remote attackers to bypass access restrictions for the pages of a Book via crafted URLs...

6.7AI score0.00216EPSS
Exploits0References1
CVE
CVEadded 2005/08/23 4:0 a.m.50 views

CVE-2005-2680

The CVE-2005-2680 entry concerns BEA WebLogic Portal 8.1 through SP4. The vulnerability occurs when using entitlements and allows remote attackers to bypass access restrictions for pages of a Book via crafted URLs. This is described as an unspecified vulnerability with impact limited to bypassing...

5CVSS7.1AI score0.00216EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder