Oracle

Weblogic Server

304 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2022-22965

Warning Exploit
  • EPSS 94.44%
  • Published 01.04.2022 23:15:13
  • Last modified 10.04.2025 16:56:46

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Sp...

7.5

CVE-2020-36518

Exploit
  • EPSS 0.6%
  • Published 11.03.2022 07:15:07
  • Last modified 27.08.2025 21:15:36

jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.

7.1

CVE-2022-23437

  • EPSS 0.09%
  • Published 24.01.2022 15:15:09
  • Last modified 21.11.2024 06:48:33

There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolon...

5

CVE-2022-21371

Exploit
  • EPSS 94.16%
  • Published 19.01.2022 12:15:16
  • Last modified 21.11.2024 06:44:32

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenti...

5.8

CVE-2022-21386

  • EPSS 0.6%
  • Published 19.01.2022 12:15:16
  • Last modified 21.11.2024 06:44:34

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenti...

6.4

CVE-2022-21350

  • EPSS 46.04%
  • Published 19.01.2022 12:15:15
  • Last modified 21.11.2024 06:44:29

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated att...

6.4

CVE-2022-21353

  • EPSS 1.38%
  • Published 19.01.2022 12:15:15
  • Last modified 21.11.2024 06:44:29

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with n...

5.8

CVE-2022-21361

  • EPSS 0.6%
  • Published 19.01.2022 12:15:15
  • Last modified 21.11.2024 06:44:30

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample apps). Supported versions that are affected are 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with networ...

6.4

CVE-2022-21347

  • EPSS 1.38%
  • Published 19.01.2022 12:15:14
  • Last modified 21.11.2024 06:44:28

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated att...

7.5

CVE-2022-21306

  • EPSS 36.54%
  • Published 19.01.2022 12:15:13
  • Last modified 21.11.2024 06:44:22

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated att...