CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Digital Security Research Group DSecRG Advisory DSECRG-09-031 http://dsecrg.com/pages/vul/show.php?id=131 Application: Oracle BEA Weblogic 10 Versions Affected: Oracle BEA Weblogic 10 Vendor URL: http://oracle.com Bugs: Linked XSS Vulnerability Exploits: YES Reported: 18.03.2009 Vendor response:...

0.2AI score

Exploits0

securityvulns•added 2009/07/16 12:0 a.m.•93 views

[DSECRG-09-031] Oracle BEA Weblogic 10.3 Linked ХSS vulnerability

6AI score

Exploits0

Prion•added 2009/06/08 1:0 a.m.•20 views

Design/Logic Flaw

IBM FileNet Content Manager 4.0, 4.0.1, and 4.5, as used in IBM WebSphere Application Server WAS and Oracle BEA WebLogic Application Server, when the CE Web Services listener has a certain WSEAF configuration, does not properly restrict use of a cached Subject, which allows remote attackers to...

4.6CVSS6.4AI score0.00554EPSS

Exploits0References4Affected Software1

NVD•added 2009/06/08 1:0 a.m.•11 views

CVE-2009-1953

4.6CVSS6AI score0.00554EPSS

Exploits0References4

Cvelist•added 2009/06/06 6:0 p.m.•15 views

CVE-2009-1953

6AI score0.00554EPSS

Exploits0References4

securityvulns•added 2009/04/16 12:0 a.m.•61 views

Secunia Research: Oracle BEA WebLogic Server Plug-ins Integer Overflow

====================================================================== Secunia Research 15/04/2009 - Oracle BEA WebLogic Server Plug-ins Integer Overflow - ====================================================================== Table of Contents Affected...

1.1AI score

Exploits1

securityvulns•added 2009/04/16 12:0 a.m.•64 views

Secunia Research: Oracle BEA WebLogic Server Plug-ins Certificate Buffer Overflow

====================================================================== Secunia Research 15/04/2009 - Oracle BEA WebLogic Server Plug-ins Certificate Buffer Overflow - ====================================================================== Table of Contents Affected...

0.7AI score

Exploits1

NVD•added 2009/04/15 10:30 a.m.•20 views

CVE-2009-1012

Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE:...

10CVSS6.4AI score0.07409EPSS

Exploits1References8

Prion•added 2009/04/15 10:30 a.m.•14 views

Design/Logic Flaw

Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors...

5.8CVSS6.9AI score0.00904EPSS

Exploits1References6Affected Software1

NVD•added 2009/04/15 10:30 a.m.•8 views

CVE-2009-1002

5.8CVSS6.3AI score0.00904EPSS

Exploits1References6

Prion•added 2009/04/15 10:30 a.m.•10 views

Design/Logic Flaw

Unspecified vulnerability in Oracle BEA WebLogic Portal 8.1 Gold through SP6 allows remote authenticated users to gain privileges via unknown vectors...

5.5CVSS6.3AI score0.00778EPSS

Exploits1References7Affected Software1

Prion•added 2009/04/15 10:30 a.m.•22 views

Integer overflow

10CVSS7AI score0.07409EPSS

Exploits1References8Affected Software1

CVE•added 2009/04/15 10:0 a.m.•39 views

CVE-2009-1002

Concretes details found: CVE-2009-1002 relates to Oracle WebLogic Server family. A vulnerability in the WebLogic Server plugin can cause a stack/heap-like overflow when handling HTTP requests or when parsing SSL certificates, enabling remote attackers to potentially gain privileges. Affected prod...

5.8CVSS6.5AI score0.00904EPSS

Exploits1References6Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by