Oracle

Weblogic Server

304 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2022-21548

  • EPSS 2.87%
  • Veröffentlicht 19.07.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 06:44:55

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with n...

5.7

CVE-2022-21557

  • EPSS 0.34%
  • Veröffentlicht 19.07.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 06:44:57

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows high privileged atta...

5.3

CVE-2022-21560

  • EPSS 3.85%
  • Veröffentlicht 19.07.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 06:44:57

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with n...

5.3

CVE-2022-21564

  • EPSS 3.85%
  • Veröffentlicht 19.07.2022 22:15:12
  • Zuletzt bearbeitet 21.11.2024 06:44:58

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacke...

6.1

CVE-2022-24891

Exploit
  • EPSS 0.3%
  • Veröffentlicht 27.04.2022 21:15:08
  • Zuletzt bearbeitet 21.11.2024 06:51:20

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, there is a potential for a cross-site scripting vulnerability in ESAPI caused by a incorrect regular expression for ...

9.8

CVE-2022-23457

Exploit
  • EPSS 0.18%
  • Veröffentlicht 25.04.2022 20:15:41
  • Zuletzt bearbeitet 21.11.2024 06:48:35

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, the default implementation of `Validator.getValidDirectoryPath(String, String, File, boolean)` may incorrectly treat...

6.1

CVE-2022-29577

  • EPSS 0.23%
  • Veröffentlicht 21.04.2022 23:15:10
  • Zuletzt bearbeitet 21.11.2024 06:59:20

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) content. NOTE: this issue exists because of an incomplete fix ...

5.8

CVE-2022-21453

  • EPSS 1.12%
  • Veröffentlicht 19.04.2022 21:15:16
  • Zuletzt bearbeitet 21.11.2024 06:44:44

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker wit...

5

CVE-2022-21441

  • EPSS 2.19%
  • Veröffentlicht 19.04.2022 21:15:15
  • Zuletzt bearbeitet 21.11.2024 06:44:42

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with n...

7.5

CVE-2022-24839

  • EPSS 0.33%
  • Veröffentlicht 11.04.2022 22:15:07
  • Zuletzt bearbeitet 21.11.2024 06:51:12

org.cyberneko.html is an html parser written in Java. The fork of `org.cyberneko.html` used by Nokogiri (Rubygem) raises a `java.lang.OutOfMemoryError` exception when parsing ill-formed HTML markup. Users are advised to upgrade to `>= 1.9.22.noko2`. ...