CVE-2026-40128

SAP NetWeaver Application Server Java Web Container allows an unauthenticated attacker to craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path traversal and processing of the included file. Processing the included file could allow the attacker to view or...

CVE-2026-40128 Directory Traversal vulnerability in SAP NetWeaver Application Server Java (Web Container)

SAP NetWeaver Application Server Java Web Container allows an unauthenticated attacker to craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path traversal and processing of the included file. Processing the included file could allow the attacker to view or...

CVE-2026-40128

SAP NetWeaver Application Server Java Web Container allows an unauthenticated attacker to craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path traversal and processing of the included file. Processing the included file could allow the attacker to view or...

CVE-2026-40128

CVE-2026-40128 concerns SAP NetWeaver Application Server Java (Web Container). An unauthenticated attacker can craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path traversal and processing of the included file. This could allow viewing or modifying sensit...

PT-2026-47530

SAP NetWeaver Application Server Java Web Container allows an unauthenticated attacker to craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path traversal and processing of the included file. Processing the included file could allow the attacker to view or...

EUVD-2025-175622

Malicious code in web-container-container-sigma-optimize npm...

EUVD-2012-0142

Malware in sbrugna...

EUVD-2016-6432

Malware in sbrugna...

EUVD-2017-1825

Malware in sbrugna...

EUVD-2018-14359

Malware in sbrugna...

EUVD-2016-4471

Malware in sbrugna...

EUVD-2012-0229

Malware in sbrugna...

EUVD-2011-3529

Malware in sbrugna...

The vulnerability of the Web Container component of the Oracle WebLogic Server application allows a attacker to gain access to read, modify, or delete data.

The vulnerability of the Web Container server component of the Oracle WebLogic Server application is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to gain read, modify, or delete access to data...

CVE-2022-21557

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Container. Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracl...

CVE-2019-2576

Vulnerability in the Oracle Service Bus component of Oracle Fusion Middleware subcomponent: Web Container. Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

Mars: CVE-2022-21371: Oracle WebLogic Server Local File Inclusion

A vulnerability was identified in Oracle WebLogic Server's Web Container component. Affected versions included ██████████, ██████████, ██████████, and ██████████. The vulnerability could be exploited by an unauthenticated attacker over HTTP, potentially leading to unauthorized access to critical...

The vulnerability of the Web Container server component of the Oracle WebLogic Server application software, which allows a hacker to disclose sensitive information and also cause service failures.

The vulnerability of the Web Container server component of the Oracle WebLogic Server application software, part of the Oracle Fusion Middleware, exists due to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to disclose sensitive information, as well as...

CVE-2023-21956

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: Web Container. Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic...

SUSE CVE-2012-0551

Unspecified vulnerability in the Java Runtime Environment JRE in Oracle Java SE 7 update 4 and earlier and 6 update 32 and earlier, and the GlassFish Enterprise Server component in Oracle Sun Products Suite GlassFish Enterprise Server 3.1.1, allows remote attackers to affect confidentiality and...