Oracle

Weblogic Server

304 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2017-3531

  • EPSS 1.19%
  • Published 24.04.2017 19:59:03
  • Last modified 20.04.2025 01:37:25

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Servlet Runtime). Supported versions that are affected are 12.1.3.0, 12.2.1.0, 12.2.1.1 and 12.2.1.2. Easily "exploitable" vulnerability allows unauthent...

9.8

CVE-2017-5645

  • EPSS 94.01%
  • Published 17.04.2017 21:59:00
  • Last modified 20.04.2025 01:37:25

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

6.1

CVE-2016-7103

Exploit
  • EPSS 1.38%
  • Published 15.03.2017 16:59:00
  • Last modified 20.04.2025 01:37:25

Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.

10

CVE-2017-5638

Warning Media report Exploit
  • EPSS 94.27%
  • Published 11.03.2017 02:59:00
  • Last modified 20.04.2025 01:37:25

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a...

9.8

CVE-2017-3248

  • EPSS 90.83%
  • Published 27.01.2017 22:59:02
  • Last modified 13.08.2025 15:15:29

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0 and 12.2.1.1. Easily exploitable vulnerability allows unauthentic...

6.3

CVE-2016-5601

  • EPSS 0.16%
  • Published 25.10.2016 14:31:13
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components.

9.8

CVE-2016-5535

  • EPSS 3.55%
  • Published 25.10.2016 14:30:10
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

9.8

CVE-2016-5531

  • EPSS 2.4%
  • Published 25.10.2016 14:30:06
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS-WebServices.

5.3

CVE-2016-5488

  • EPSS 1.2%
  • Published 25.10.2016 14:29:23
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.3.0 allows remote attackers to affect availability via vectors related to Web Container, a different vulnerability than CVE-2016-3445.

10

CVE-2016-3551

  • EPSS 3.77%
  • Published 25.10.2016 14:29:13
  • Last modified 12.04.2025 10:46:40

Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXWS ...