Oracle

Weblogic Server

304 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2022-22965

Warnung Exploit
  • EPSS 94.44%
  • Veröffentlicht 01.04.2022 23:15:13
  • Zuletzt bearbeitet 10.04.2025 16:56:46

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Sp...

7.5

CVE-2020-36518

Exploit
  • EPSS 0.6%
  • Veröffentlicht 11.03.2022 07:15:07
  • Zuletzt bearbeitet 27.08.2025 21:15:36

jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.

7.1

CVE-2022-23437

  • EPSS 0.09%
  • Veröffentlicht 24.01.2022 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:48:33

There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolon...

5

CVE-2022-21371

Exploit
  • EPSS 94.16%
  • Veröffentlicht 19.01.2022 12:15:16
  • Zuletzt bearbeitet 21.11.2024 06:44:32

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenti...

5.8

CVE-2022-21386

  • EPSS 0.6%
  • Veröffentlicht 19.01.2022 12:15:16
  • Zuletzt bearbeitet 21.11.2024 06:44:34

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenti...

6.4

CVE-2022-21350

  • EPSS 46.04%
  • Veröffentlicht 19.01.2022 12:15:15
  • Zuletzt bearbeitet 21.11.2024 06:44:29

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated att...

6.4

CVE-2022-21353

  • EPSS 1.38%
  • Veröffentlicht 19.01.2022 12:15:15
  • Zuletzt bearbeitet 21.11.2024 06:44:29

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with n...

5.8

CVE-2022-21361

  • EPSS 0.6%
  • Veröffentlicht 19.01.2022 12:15:15
  • Zuletzt bearbeitet 21.11.2024 06:44:30

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample apps). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with networ...

6.4

CVE-2022-21347

  • EPSS 1.38%
  • Veröffentlicht 19.01.2022 12:15:14
  • Zuletzt bearbeitet 21.11.2024 06:44:28

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated att...

7.5

CVE-2022-21306

  • EPSS 36.54%
  • Veröffentlicht 19.01.2022 12:15:13
  • Zuletzt bearbeitet 21.11.2024 06:44:22

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated att...