CVE-2021-2211
- EPSS 2.41%
- Veröffentlicht 22.04.2021 22:15:14
- Zuletzt bearbeitet 21.11.2024 06:02:38
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows unauthent...
CVE-2021-2214
- EPSS 0.91%
- Veröffentlicht 22.04.2021 22:15:14
- Zuletzt bearbeitet 21.11.2024 06:02:38
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Difficult to exploit vulnerability allows hi...
CVE-2021-2135
- EPSS 8.37%
- Veröffentlicht 22.04.2021 22:15:12
- Zuletzt bearbeitet 21.11.2024 06:02:27
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Coherence Container). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated ...
CVE-2021-2136
- EPSS 2.24%
- Veröffentlicht 22.04.2021 22:15:12
- Zuletzt bearbeitet 21.11.2024 06:02:27
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated att...
CVE-2021-2142
- EPSS 0.98%
- Veröffentlicht 22.04.2021 22:15:12
- Zuletzt bearbeitet 21.11.2024 06:02:28
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). The supported version that is affected is 10.3.6.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP ...
- EPSS 1.94%
- Veröffentlicht 22.04.2021 22:15:12
- Zuletzt bearbeitet 21.11.2024 06:02:29
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: TopLink Integration). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unau...
CVE-2021-29425
- EPSS 10.61%
- Veröffentlicht 13.04.2021 07:15:12
- Zuletzt bearbeitet 21.11.2024 06:01:04
In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like "//../foo", or "\\..\foo", the result would be the same value, thus possibly providing access to files in the parent directory, but ...
CVE-2021-3450
- EPSS 18.34%
- Veröffentlicht 25.03.2021 15:15:13
- Zuletzt bearbeitet 21.11.2024 06:21:33
The X509_V_FLAG_X509_STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly ...
CVE-2021-21347
- EPSS 14.3%
- Veröffentlicht 23.03.2021 00:15:13
- Zuletzt bearbeitet 23.05.2025 17:41:49
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processe...
CVE-2021-21350
- EPSS 15.23%
- Veröffentlicht 23.03.2021 00:15:13
- Zuletzt bearbeitet 23.05.2025 17:43:08
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to execute arbitrary code only by manipulating the processed input stream. No user is a...