Oracle

Weblogic Server

322 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 3.33%
  • Veröffentlicht 24.01.2020 15:15:14
  • Zuletzt bearbeitet 21.11.2024 05:36:52

CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows attackers to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted...

Exploit
  • EPSS 2.38%
  • Veröffentlicht 17.01.2020 19:15:14
  • Zuletzt bearbeitet 21.11.2024 05:34:03

Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vul...

  • EPSS 88.08%
  • Veröffentlicht 17.01.2020 00:15:12
  • Zuletzt bearbeitet 21.11.2024 05:34:04

In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response...

  • EPSS 1.94%
  • Veröffentlicht 15.01.2020 17:15:17
  • Zuletzt bearbeitet 21.11.2024 05:25:30

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). The supported version that is affected is 10.3.6.0.0. Easily exploitable vulnerability allows high privileged attacker with network acce...

  • EPSS 0.53%
  • Veröffentlicht 15.01.2020 17:15:17
  • Zuletzt bearbeitet 21.11.2024 05:25:30

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high...

Warnung Medienbericht
  • EPSS 93.17%
  • Veröffentlicht 15.01.2020 17:15:17
  • Zuletzt bearbeitet 27.10.2025 17:09:04

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unau...

  • EPSS 0.83%
  • Veröffentlicht 15.01.2020 17:15:17
  • Zuletzt bearbeitet 21.11.2024 05:25:31

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows high privileged attacker wit...

  • EPSS 0.97%
  • Veröffentlicht 15.01.2020 17:15:16
  • Zuletzt bearbeitet 21.11.2024 05:25:29

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated ...

  • EPSS 5.14%
  • Veröffentlicht 15.01.2020 17:15:16
  • Zuletzt bearbeitet 21.11.2024 05:25:29

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Application Container - JavaEE). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated a...

  • EPSS 0.89%
  • Veröffentlicht 15.01.2020 17:15:16
  • Zuletzt bearbeitet 21.11.2024 05:25:30

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privileged ...