Oracle

Weblogic Server

304 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2022-21548

  • EPSS 2.87%
  • Published 19.07.2022 22:15:12
  • Last modified 21.11.2024 06:44:55

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with n...

5.7

CVE-2022-21557

  • EPSS 0.34%
  • Published 19.07.2022 22:15:12
  • Last modified 21.11.2024 06:44:57

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows high privileged atta...

5.3

CVE-2022-21560

  • EPSS 3.85%
  • Published 19.07.2022 22:15:12
  • Last modified 21.11.2024 06:44:57

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with n...

5.3

CVE-2022-21564

  • EPSS 3.85%
  • Published 19.07.2022 22:15:12
  • Last modified 21.11.2024 06:44:58

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacke...

6.1

CVE-2022-24891

Exploit
  • EPSS 0.3%
  • Published 27.04.2022 21:15:08
  • Last modified 21.11.2024 06:51:20

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, there is a potential for a cross-site scripting vulnerability in ESAPI caused by a incorrect regular expression for ...

9.8

CVE-2022-23457

Exploit
  • EPSS 0.18%
  • Published 25.04.2022 20:15:41
  • Last modified 21.11.2024 06:48:35

ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. Prior to version 2.3.0.0, the default implementation of `Validator.getValidDirectoryPath(String, String, File, boolean)` may incorrectly treat...

6.1

CVE-2022-29577

  • EPSS 0.23%
  • Published 21.04.2022 23:15:10
  • Last modified 21.11.2024 06:59:20

OWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) content. NOTE: this issue exists because of an incomplete fix ...

5.8

CVE-2022-21453

  • EPSS 1.12%
  • Published 19.04.2022 21:15:16
  • Last modified 21.11.2024 06:44:44

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker wit...

5

CVE-2022-21441

  • EPSS 2.19%
  • Published 19.04.2022 21:15:15
  • Last modified 21.11.2024 06:44:42

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with n...

7.5

CVE-2022-24839

  • EPSS 0.33%
  • Published 11.04.2022 22:15:07
  • Last modified 21.11.2024 06:51:12

org.cyberneko.html is an html parser written in Java. The fork of `org.cyberneko.html` used by Nokogiri (Rubygem) raises a `java.lang.OutOfMemoryError` exception when parsing ill-formed HTML markup. Users are advised to upgrade to `>= 1.9.22.noko2`. ...