Lucene search
+L

109 matches found

osv
osv
added 2018/10/17 1:31 a.m.3 views

CVE-2018-3252

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise...

9.8CVSS7.3AI score0.28007EPSS
Exploits0References4
osv
osv
added 2018/10/17 1:31 a.m.4 views

CVE-2018-3201

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server...

9.8CVSS7.3AI score0.03333EPSS
Exploits0References3
osv
osv
added 2018/10/17 1:31 a.m.6 views

CVE-2018-3191

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise...

9.8CVSS7.3AI score0.63188EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2018/08/03 12:0 a.m.8 views

The vulnerability of the WLS Core Components of the WebLogic Server application server allows a hacker to gain full control over the application.

The vulnerability of the WLS Core Components of the WebLogic Server application server is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker, operating remotely, to gain full control over the application using the T3 protocol...

9.8CVSS7.8AI score0.71196EPSS
Exploits14References4Affected Software1
osv
osv
added 2018/07/18 1:29 p.m.1 views

CVE-2018-2893

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to...

9.8CVSS7.3AI score0.71196EPSS
Exploits14References3
cnvd
cnvd
added 2018/07/18 12:0 a.m.5 views

Oracle WebLogic Deserialization Remote Code Execution Vulnerability

WebLogic is an application server produced by Oracle, is a middleware based on the JAVAEE architecture , WebLogic is used to develop, integrate, deploy and manage large-scale distributed Web applications, network applications and database applications of the Java application server . A...

9.8CVSS9.6AI score0.71196EPSS
Exploits14References1
osv
osv
added 2018/04/19 2:29 a.m.4 views

CVE-2018-2628

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to...

9.8CVSS7.3AI score0.99448EPSS
Exploits69References8
seebug
seebug
added 2018/04/18 12:0 a.m.308 views

Weblogic反序列化远程代码执行漏洞(CVE-2018-2628)

Oracle WebLogic Server has CVE-2018-2628 CVSS Base Score: 9.8 – Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. The easily exploitable...

7.5CVSS3.2AI score0.99448EPSS
Exploits69
myhack58
myhack58
added 2018/04/18 12:0 a.m.144 views

WebLogic WLS core components deserialization Vulnerability, CVE-2018-2628-a vulnerability warning-the black bar safety net

Vulnerability/event summary Beijing Time 4 month 18 days morning, Oracle officially released 4 months a critical patch update CPU CriticalPatchUpdate,which contains a high risk of the Weblogic deserialization VulnerabilityCVE-2018-2628, by the vulnerability, the attacker may unauthorized remote...

1.3AI score0.99448EPSS
Exploits69
ptsecurity
ptsecurity
added 2018/04/17 12:0 a.m.8 views

PT-2018-1868 · Oracle · Oracle Weblogic Server

Name of the Vulnerable Software and Affected Versions: Oracle WebLogic Server versions 10.3.6.0 through 12.2.1.3 Description: The issue is related to the WLS Core Components subcomponent of Oracle WebLogic Server and allows an unauthenticated attacker with network access via T3 to compromise the...

9.8CVSS9.2AI score0.99448EPSS
Exploits69References39
canvas
canvas
added 2017/11/09 5:29 p.m.974 views

Immunity Canvas: WEBLOGIC_T3_DESERIALIZATION

Name| weblogict3deserialization ---|--- CVE| CVE-2015-4852 Exploit Pack| CANVAS Description| weblogict3deserialization Notes| CVE Name: CVE-2015-4852 VENDOR: Oracle NOTES: IMPORTANT NOTE: Any instance of this application running Apache Commons Collections version prior to 3.0 WILL NOT WORK...

10CVSS7.9AI score0.96032EPSS
Exploits24
osv
osv
added 2017/10/19 5:29 p.m.5 views

CVE-2017-10271

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS Security. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to...

7.5CVSS7.2AI score0.99993EPSS
Exploits45References7
osv
osv
added 2017/08/08 3:29 p.m.6 views

CVE-2017-10147

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to...

8.6CVSS7.3AI score0.04212EPSS
Exploits0References5
osv
osv
added 2017/08/08 3:29 p.m.4 views

CVE-2017-10148

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to...

5.8CVSS7.3AI score0.02589EPSS
Exploits0References5
osv
osv
added 2017/01/27 10:59 p.m.2 views

CVE-2017-3248

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Core Components. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0 and 12.2.1.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to...

9.8CVSS7.3AI score0.97301EPSS
Exploits15References8
nessus
nessus
added 2016/01/21 12:0 a.m.108 views

Oracle WebLogic Server Multiple Vulnerabilities (January 2016 CPU)

Binary data oracleweblogicservercpujan2016.nbin...

9.8CVSS7.9AI score0.96032EPSS
Exploits19References10
myhack58
myhack58
added 2015/12/24 12:0 a.m.31 views

Java deserialization vulnerability of the weblogic local use to achieve article-vulnerability warning-the black bar safety net

weblogic in the domestic scope of application more widely, supporting many of the company's core business, it has not put the weblogic to use the tool to publish it. However, many recent Party a friend asked me if I had a convenient tool to detect their companies deployed in the network of...

8AI score
Exploits0
nvd
nvd
added 2015/11/18 3:59 p.m.92 views

CVE-2015-4852

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

9.8CVSS9.4AI score0.96032EPSS
Exploits17References16
prion
prion
added 2015/11/18 3:59 p.m.59 views

Code injection

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

7.5CVSS7.5AI score0.96032EPSS
Exploits17References15Affected Software3
osv
osv
added 2015/11/18 3:59 p.m.2 views

UBUNTU-CVE-2015-4852

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

9.8CVSS7.6AI score0.96032EPSS
Exploits17References11
Rows per page
Query Builder