Lucene search

K

192 matches found

CVE
CVE
added 2020/10/21 3:15 p.m.1652 views

CVE-2020-14882

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP...

10CVSS9.7AI score0.94454EPSS
In wildWeb
CVE
CVE
added 2017/10/19 5:29 p.m.1350 views

CVE-2017-10271

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to ...

7.5CVSS7.3AI score0.94439EPSS
In wild
CVE
CVE
added 2020/11/02 9:15 p.m.1253 views

CVE-2020-14750

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP...

9.8CVSS9.7AI score0.94435EPSS
In wild
CVE
CVE
added 2020/10/21 3:15 p.m.1250 views

CVE-2020-14883

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP...

9CVSS8.1AI score0.94437EPSS
In wild
CVE
CVE
added 2018/04/19 2:29 a.m.1222 views

CVE-2018-2628

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to c...

9.8CVSS9.3AI score0.94409EPSS
In wildWeb
CVE
CVE
added 2023/01/18 12:15 a.m.752 views

CVE-2023-21839

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle W...

7.5CVSS7.5AI score0.93019EPSS
In wild
CVE
CVE
added 2020/04/15 2:15 p.m.667 views

CVE-2020-2883

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to comprom...

9.8CVSS9.1AI score0.93729EPSS
In wild
CVE
CVE
added 2020/01/15 5:15 p.m.632 views

CVE-2020-2551

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP...

9.8CVSS9.4AI score0.94393EPSS
In wildWeb
CVE
CVE
added 2019/06/19 11:15 p.m.618 views

CVE-2019-2729

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

9.8CVSS9.4AI score0.94364EPSS
In wildWeb
CVE
CVE
added 2017/04/24 7:59 p.m.462 views

CVE-2017-3506

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1 and 12.2.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HT...

7.4CVSS7.7AI score0.94375EPSS
In wild
CVE
CVE
added 2020/03/31 5:15 a.m.453 views

CVE-2020-11113

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).

8.8CVSS8.3AI score0.61746EPSS
CVE
CVE
added 2020/03/18 10:15 p.m.412 views

CVE-2020-10672

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms).

8.8CVSS8.3AI score0.4007EPSS
CVE
CVE
added 2020/03/26 1:15 p.m.396 views

CVE-2020-10968

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).

8.8CVSS8.3AI score0.06632EPSS
CVE
CVE
added 2020/03/26 1:15 p.m.391 views

CVE-2020-10969

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.

8.8CVSS8.3AI score0.01478EPSS
CVE
CVE
added 2020/03/31 5:15 a.m.391 views

CVE-2020-11111

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).

8.8CVSS8.3AI score0.02196EPSS
CVE
CVE
added 2020/03/18 10:15 p.m.380 views

CVE-2020-10673

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus).

8.8CVSS8.3AI score0.20473EPSS
CVE
CVE
added 2023/10/17 10:15 p.m.380 views

CVE-2023-22089

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Serv...

9.8CVSS9.5AI score0.00465EPSS
CVE
CVE
added 2020/03/31 5:15 a.m.368 views

CVE-2020-11112

FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).

8.8CVSS8.3AI score0.11418EPSS
CVE
CVE
added 2023/10/17 10:15 p.m.362 views

CVE-2023-22108

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Serv...

7.5CVSS7.2AI score0.00269EPSS
CVE
CVE
added 2023/10/17 10:15 p.m.358 views

CVE-2023-22069

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Serv...

9.8CVSS9.5AI score0.00596EPSS
CVE
CVE
added 2023/10/17 10:15 p.m.354 views

CVE-2023-22072

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful...

9.8CVSS9.6AI score0.00661EPSS
CVE
CVE
added 2024/07/16 11:15 p.m.353 views

CVE-2024-21181

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Serv...

9.8CVSS9.5AI score0.01263EPSS
CVE
CVE
added 2017/01/27 10:59 p.m.343 views

CVE-2017-3248

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0 and 12.2.1.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compr...

9.8CVSS9.3AI score0.91616EPSS
CVE
CVE
added 2023/10/17 10:15 p.m.341 views

CVE-2023-22101

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Se...

8.1CVSS8AI score0.00279EPSS
CVE
CVE
added 2023/10/17 10:15 p.m.339 views

CVE-2023-22086

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Serv...

7.5CVSS7.2AI score0.00293EPSS
CVE
CVE
added 2018/07/18 1:29 p.m.337 views

CVE-2018-2894

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

9.8CVSS9.1AI score0.94307EPSS
In wild
CVE
CVE
added 2020/04/15 2:15 p.m.311 views

CVE-2020-2934

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL C...

5.1CVSS4.4AI score0.00133EPSS
CVE
CVE
added 2018/07/18 1:29 p.m.297 views

CVE-2018-2893

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to c...

9.8CVSS9.1AI score0.93995EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.294 views

CVE-2018-3245

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise ...

9.8CVSS9AI score0.91472EPSS
Web
CVE
CVE
added 2020/04/15 2:15 p.m.275 views

CVE-2020-2801

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to comprom...

9.8CVSS9.2AI score0.09227EPSS
CVE
CVE
added 2021/01/07 12:15 a.m.269 views

CVE-2020-36180

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS.

8.8CVSS7.7AI score0.01957EPSS
CVE
CVE
added 2019/04/23 7:32 p.m.266 views

CVE-2019-2618

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to com...

5.5CVSS5AI score0.86694EPSS
CVE
CVE
added 2021/01/07 12:15 a.m.261 views

CVE-2020-36179

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS.

8.8CVSS7.7AI score0.61296EPSS
CVE
CVE
added 2021/01/07 12:15 a.m.260 views

CVE-2020-36182

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS.

8.8CVSS7.7AI score0.02121EPSS
CVE
CVE
added 2021/01/06 11:15 p.m.258 views

CVE-2020-36184

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource.

8.8CVSS7.7AI score0.05061EPSS
Web
CVE
CVE
added 2022/01/19 12:15 p.m.254 views

CVE-2022-21371

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to co...

7.5CVSS7.1AI score0.94161EPSS
In wild
CVE
CVE
added 2021/01/06 11:15 p.m.251 views

CVE-2020-36181

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS.

8.8CVSS7.7AI score0.06306EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.245 views

CVE-2019-2890

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via T3 to compromise Oracle...

7.2CVSS6.7AI score0.89914EPSS
Web
CVE
CVE
added 2018/10/17 1:31 a.m.234 views

CVE-2018-3191

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise ...

9.8CVSS9.1AI score0.91421EPSS
CVE
CVE
added 2018/10/17 1:31 a.m.228 views

CVE-2018-3252

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise ...

9.8CVSS8.5AI score0.84867EPSS
CVE
CVE
added 2023/04/18 8:15 p.m.224 views

CVE-2023-21931

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogi...

7.5CVSS7.1AI score0.81077EPSS
In wild
CVE
CVE
added 2020/01/15 5:15 p.m.222 views

CVE-2020-2546

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Application Container - JavaEE). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise ...

9.8CVSS9.1AI score0.29688EPSS
CVE
CVE
added 2021/01/20 3:15 p.m.217 views

CVE-2021-2108

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core Components). The supported version that is affected is 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server....

9.8CVSS9.4AI score0.26765EPSS
In wild
CVE
CVE
added 2021/07/21 3:15 p.m.211 views

CVE-2021-2351

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. S...

8.3CVSS8.5AI score0.03544EPSS
CVE
CVE
added 2021/07/21 3:15 p.m.210 views

CVE-2021-2394

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIO...

10CVSS9.5AI score0.90663EPSS
CVE
CVE
added 2021/01/20 3:15 p.m.208 views

CVE-2021-2109

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP...

7.2CVSS6.8AI score0.9311EPSS
In wildWeb
CVE
CVE
added 2020/07/15 6:15 p.m.206 views

CVE-2020-14644

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle W...

9.8CVSS9.3AI score0.90365EPSS
In wild
CVE
CVE
added 2022/01/19 12:15 p.m.189 views

CVE-2022-21306

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Or...

9.8CVSS9.3AI score0.36535EPSS
CVE
CVE
added 2020/04/15 2:15 p.m.169 views

CVE-2020-2884

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to comprom...

9.8CVSS9.1AI score0.0449EPSS
CVE
CVE
added 2019/10/16 6:15 p.m.155 views

CVE-2019-2888

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: EJB Container). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Ora...

5.3CVSS4.4AI score0.78684EPSS
Total number of security vulnerabilities192