Lucene search
K

15 matches found

GithubExploit
GithubExploit
added 2026/05/27 7:37 a.m.138 views

Exploit for Missing Authentication for Critical Function in Oracle Weblogic_Server

LAB 2 - CVE-2017-10271: WebLogic XMLDecoder Deserialization Wr...

7.5CVSS8.2AI score0.99993EPSS
Exploits45
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-3769

Malware in sbrugna...

9.8CVSS9.2AI score0.02065EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2015-4852

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a...

9.8CVSS8.4AI score0.96032EPSS
Exploits17References2
SUSE CVE
SUSE CVE
added 2023/02/15 5:17 a.m.9 views

SUSE CVE-2015-4852

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

9.8CVSS7.6AI score0.96032EPSS
Exploits17References6
Zero Day Initiative
Zero Day Initiative
added 2020/01/15 12:0 a.m.239 views

Oracle WebLogic Server T3 Protocol Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle WebLogic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the T3 protocol on TCP port 7001. When deserializing objects embedded wi...

9.8CVSS4.6AI score0.97116EPSS
Exploits26References1
Zero Day Initiative
Zero Day Initiative
added 2019/07/22 12:0 a.m.43 views

Oracle WebLogic DeploymentService Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Oracle WebLogic. Authentication is required to exploit this vulnerability. The specific flaw exists within the DeploymentService, which listens on TCP port 7001 by default. When parsing the...

8.8CVSS4.7AI score0.01259EPSS
Exploits0References1
exploitpack
exploitpack
added 2019/03/28 12:0 a.m.32 views

Thomson Reuters Concourse Firm Central 2.13.0097 - Directory Traversal Local File Inclusion

Thomson Reuters Concourse Firm Central 2.13.0097 - Directory Traversal Local File Inclusion ''' Exploit Title: Thomson Reuters Concourse & Firm Central 2.13.0097 - Directory Traversal & Local File Inclusion Date: 02/13/2019 Exploit Author: 0v3rride Vendor Homepage:...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2018/03/05 12:0 a.m.53 views

Softros Network Time System Server 2.3.4 Denial Of Service

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/SOFTROS-NETWORK-TIME-SYSTEM-SERVER-v2.3.4-DENIAL-OF-SERVICE.txt + ISR: Apparition Security Vendor: ============= www.softros.com https://nts.softros.com/downloads/ Product:...

7.6AI score0.3817EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2016/01/21 12:0 a.m.107 views

Oracle WebLogic Server Multiple Vulnerabilities (January 2016 CPU)

Binary data oracleweblogicservercpujan2016.nbin...

9.8CVSS7.9AI score0.96032EPSS
Exploits19References10
CNVD
CNVD
added 2015/11/19 12:0 a.m.6 views

Oracle WebLogic Server Remote Code Execution Vulnerability

Oracle WebLogic Server is an Oracle application server for cloud and legacy environments that provides a modern lightweight development platform that supports the entire lifecycle management of applications from development to production and simplifies application deployment and management.WLS...

9.8CVSS9.4AI score0.96032EPSS
Exploits17References1
NVD
NVD
added 2015/11/18 3:59 p.m.91 views

CVE-2015-4852

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

9.8CVSS9.4AI score0.96032EPSS
Exploits17References16
Prion
Prion
added 2015/11/18 3:59 p.m.58 views

Code injection

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

7.5CVSS7.5AI score0.96032EPSS
Exploits17References15Affected Software3
Vulnrichment
Vulnrichment
added 2015/11/18 3:0 p.m.17 views

CVE-2015-4852

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

9.4AI score0.96032EPSS
Exploits17References15
CVE
CVE
added 2015/11/18 3:0 p.m.2119 views

CVE-2015-4852

CVE-2015-4852 describes a remote code execution in Oracle WebLogic Server via deserialization of untrusted data in the WLS Security component. A crafted serialized Java object (via Apache Commons Collections) in T3 protocol traffic to TCP port 7001 can execute arbitrary commands. Affected version...

9.8CVSS8.4AI score0.96032EPSS
In wildExploits17References16Affected Software1
ATTACKERKB
ATTACKERKB
added 2015/11/18 12:0 a.m.375 views

CVE-2015-4852

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

9.8CVSS8.6AI score0.96032EPSS
In wildExploits17References18
Rows per page
Query Builder