109 matches found
CVE-2018-3252
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise...
CVE-2018-3201
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server...
CVE-2018-3191
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise...
The vulnerability of the WLS Core Components of the WebLogic Server application server allows a hacker to gain full control over the application.
The vulnerability of the WLS Core Components of the WebLogic Server application server is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full control over the application using the T3 protocol...
CVE-2018-2893
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to...
Oracle WebLogic Deserialization Remote Code Execution Vulnerability
WebLogic is an application server produced by Oracle, is a middleware based on the JAVAEE architecture , WebLogic is used to develop, integrate, deploy and manage large-scale distributed Web applications, network applications and database applications of the Java application server . A...
CVE-2018-2628
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to...
Weblogic反序列化远程代码执行漏洞(CVE-2018-2628)
Oracle WebLogic Server has CVE-2018-2628 CVSS Base Score: 9.8 – Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. The easily exploitable...
WebLogic WLS core components deserialization Vulnerability, CVE-2018-2628-a vulnerability warning-the black bar safety net
Vulnerability/event summary Beijing Time 4 month 18 days morning, Oracle officially released 4 months a critical patch update CPU CriticalPatchUpdate,which contains a high risk of the Weblogic deserialization VulnerabilityCVE-2018-2628, by the vulnerability, the attacker may unauthorized remote...
PT-2018-1868 · Oracle · Oracle Weblogic Server
Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 10.3.6.0 through 12.2.1.3 Description: The issue is related to the WLS Core Components subcomponent of Oracle WebLogic Server and allows an unauthenticated attacker with network access via T3 to compromise the...
Immunity Canvas: WEBLOGIC_T3_DESERIALIZATION
Name| weblogict3deserialization ---|--- CVE| CVE-2015-4852 Exploit Pack| CANVAS Description| weblogict3deserialization Notes| CVE Name: CVE-2015-4852 VENDOR: Oracle NOTES: IMPORTANT NOTE: Any instance of this application running Apache Commons Collections version prior to 3.0 WILL NOT WORK...
CVE-2017-10271
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Security. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to...
CVE-2017-10147
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to...
CVE-2017-10148
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to...
CVE-2017-3248
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0 and 12.2.1.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to...
Oracle WebLogic Server Multiple Vulnerabilities (January 2016 CPU)
Binary data oracleweblogicservercpujan2016.nbin...
Java deserialization vulnerability of the weblogic local use to achieve article-vulnerability warning-the black bar safety net
weblogic in the domestic scope of application more widely, supporting many of the company's core business, it has not put the weblogic to use the tool to publish it. However, many recent Party a friend asked me if I had a convenient tool to detect their companies deployed in the network of...
CVE-2015-4852
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...
Code injection
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...
UBUNTU-CVE-2015-4852
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...