Weblogic Server Security Vulnerabilities and Issues — Page 4 of Weblogic Server CVE List

Lucene search

OracleWeblogic Server

309 matches found

CVE•added 2019/04/23 7:32 p.m.•106 views

CVE-2019-2615

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to com...

4.9CVSS4.8AI score0.62261EPSS

CVE•added 2023/04/18 8:15 p.m.•106 views

CVE-2023-21996

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Orac...

7.5CVSS7.2AI score0.00507EPSS

CVE•added 2017/10/19 5:29 p.m.•105 views

CVE-2017-10352

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). The supported version that is affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with netwo...

9.9CVSS8.3AI score0.26725EPSS

CVE•added 2024/07/16 11:15 p.m.•104 views

CVE-2024-21182

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Serv...

7.5CVSS7.2AI score0.86894EPSS

CVE•added 2019/07/23 11:15 p.m.•103 views

CVE-2019-2824

5.5CVSS6AI score0.00523EPSS

CVE•added 2008/07/22 4:41 p.m.•102 views

CVE-2008-3257

Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request.

10CVSS7.4AI score0.71508EPSS

CVE•added 2021/01/20 3:15 p.m.•102 views

CVE-2021-2047

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to comprom...

9.8CVSS9.3AI score0.26765EPSS

CVE•added 2021/01/20 3:15 p.m.•100 views

CVE-2021-1996

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic ...

3.5CVSS3.4AI score0.00386EPSS

CVE•added 2010/07/13 10:30 p.m.•98 views

CVE-2010-2375

Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity, related to IIS.

6.4CVSS6AI score0.1617EPSS

Web

CVE•added 2022/01/19 12:15 p.m.•97 views

CVE-2022-21257

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Samples). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Serve...

6.1CVSS5.6AI score0.00816EPSS

CVE•added 2025/01/21 9:15 p.m.•96 views

CVE-2025-21535

9.8CVSS9.1AI score0.00601EPSS

CVE•added 2024/04/16 10:15 p.m.•95 views

CVE-2024-21006

7.5CVSS6.6AI score0.83016EPSS

Web

CVE•added 2022/01/19 12:15 p.m.•94 views

CVE-2022-21350

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Or...

6.5CVSS6.2AI score0.46035EPSS

CVE•added 2022/04/19 9:15 p.m.•91 views

CVE-2022-21453

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle We...

6.1CVSS6.2AI score0.00816EPSS

CVE•added 2022/01/19 12:15 p.m.•90 views

CVE-2022-21386

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to co...

6.1CVSS5.9AI score0.00601EPSS

CVE•added 2024/07/16 11:15 p.m.•90 views

CVE-2024-21175

9.1CVSS7.1AI score0.00334EPSS

CVE•added 2017/12/01 4:29 p.m.•87 views

CVE-2017-15707

In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.

6.2CVSS6.2AI score0.02511EPSS

Web

CVE•added 2023/01/18 12:15 a.m.•87 views

CVE-2023-21838

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle W...

7.5CVSS7.1AI score0.00319EPSS

CVE•added 2021/01/20 3:15 p.m.•86 views

CVE-2021-2075

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Samples). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP...

9.8CVSS9.3AI score0.26765EPSS

CVE•added 2022/01/19 12:15 p.m.•85 views

CVE-2022-21259

6.1CVSS5.6AI score0.00601EPSS

CVE•added 2022/07/19 10:15 p.m.•85 views

CVE-2022-21548

6.5CVSS6.2AI score0.03076EPSS

CVE•added 2020/01/15 5:15 p.m.•84 views

CVE-2020-2550

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastruc...

5.1CVSS5.8AI score0.00187EPSS

CVE•added 2023/01/18 12:15 a.m.•84 views

CVE-2023-21837

7.5CVSS7.1AI score0.00538EPSS

CVE•added 2019/10/16 6:15 p.m.•83 views

CVE-2019-2891

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle ...

8.1CVSS7.8AI score0.01045EPSS

CVE•added 2022/01/19 12:15 p.m.•83 views

CVE-2022-21260

6.1CVSS5.6AI score0.00601EPSS

CVE•added 2016/01/21 3:2 a.m.•82 views

CVE-2016-0574

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-0577.

7.5CVSS7.2AI score0.01032EPSS

CVE•added 2022/01/19 12:15 p.m.•82 views

CVE-2022-21262

6.1CVSS5.9AI score0.00601EPSS

CVE•added 2022/01/19 12:15 p.m.•81 views

CVE-2022-21347

6.5CVSS6.2AI score0.01384EPSS

CVE•added 2023/01/18 12:15 a.m.•81 views

CVE-2023-21842

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Ora...

7.5CVSS7.1AI score0.00538EPSS

CVE•added 2023/07/18 9:15 p.m.•81 views

CVE-2023-22031

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 14.1.1.0.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows high privileged attacker with network access via T3, IIOP to compromise Oracle WebLogic Se...

4.4CVSS4.3AI score0.00117EPSS

CVE•added 2017/08/08 3:29 p.m.•80 views

CVE-2017-10137

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: JNDI). Supported versions that are affected are 10.3.6.0 and 12.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server....

10CVSS9.2AI score0.11481EPSS

CVE•added 2023/01/18 12:15 a.m.•79 views

CVE-2023-21841

7.5CVSS7.1AI score0.00538EPSS

CVE•added 2023/07/18 9:15 p.m.•79 views

CVE-2023-22040

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle Web...

6.5CVSS6.4AI score0.00157EPSS

CVE•added 2021/04/22 10:15 p.m.•78 views

CVE-2021-2136

9.8CVSS9.4AI score0.04797EPSS

CVE•added 2022/01/19 12:15 p.m.•78 views

CVE-2022-21353

6.5CVSS6.2AI score0.01384EPSS

CVE•added 2019/07/23 11:15 p.m.•77 views

CVE-2019-2827

5.5CVSS5AI score0.00523EPSS

CVE•added 2022/07/19 10:15 p.m.•76 views

CVE-2022-21557

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracl...

5.7CVSS6.2AI score0.00296EPSS

CVE•added 2022/07/19 10:15 p.m.•76 views

CVE-2022-21564

5.3CVSS5.7AI score0.04119EPSS

CVE•added 2024/02/17 2:15 a.m.•76 views

CVE-2024-20986

6.1CVSS6.2AI score0.00403EPSS

CVE•added 2022/01/19 12:15 p.m.•75 views

CVE-2022-21361

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample apps). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic S...

6.1CVSS5.9AI score0.00601EPSS

CVE•added 2022/07/19 10:15 p.m.•75 views

CVE-2022-21560

5.3CVSS5.7AI score0.04119EPSS

CVE•added 2010/04/14 5:30 p.m.•74 views

CVE-2010-0073

Unspecified vulnerability in the WebLogic Server in Oracle WebLogic Server 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, and 10.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

10CVSS6.1AI score0.02934EPSS

CVE•added 2021/04/22 10:15 p.m.•74 views

CVE-2021-2294

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIO...

6.5CVSS6.7AI score0.01384EPSS

CVE•added 2016/01/21 3:2 a.m.•73 views

CVE-2016-0573

7.5CVSS7.2AI score0.00761EPSS

CVE•added 2020/07/15 6:15 p.m.•73 views

CVE-2020-14645

9.8CVSS9.3AI score0.92419EPSS

CVE•added 2021/01/20 3:15 p.m.•73 views

CVE-2021-2018

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. Successful attac...

8.3CVSS8.3AI score0.01413EPSS

CVE•added 2022/01/19 12:15 p.m.•73 views

CVE-2022-21292

7.5CVSS7.1AI score0.0467EPSS

CVE•added 2024/10/15 8:15 p.m.•73 views

CVE-2024-21216

9.8CVSS9.5AI score0.01276EPSS

CVE•added 2018/10/17 1:31 a.m.•72 views

CVE-2018-3197

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). The supported version that is affected is 12.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server...

9.8CVSS9.1AI score0.10331EPSS

CVE•added 2022/10/18 9:15 p.m.•72 views

CVE-2022-21616

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracl...

5.2CVSS5.3AI score0.00077EPSS

Total number of security vulnerabilities309