Oracle

Weblogic Server

306 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2019-2888

  • EPSS 78.68%
  • Veröffentlicht 16.10.2019 18:15:26
  • Zuletzt bearbeitet 21.11.2024 04:41:44

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: EJB Container). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attack...

6.1

CVE-2019-2889

  • EPSS 1.16%
  • Veröffentlicht 16.10.2019 18:15:26
  • Zuletzt bearbeitet 21.11.2024 04:41:44

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample apps). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via H...

7.2

CVE-2019-2890

  • EPSS 90.34%
  • Veröffentlicht 16.10.2019 18:15:26
  • Zuletzt bearbeitet 21.11.2024 04:41:45

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacke...

8.1

CVE-2019-2891

  • EPSS 1.05%
  • Veröffentlicht 16.10.2019 18:15:26
  • Zuletzt bearbeitet 21.11.2024 04:41:45

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Difficult to exploit vulnerability allows unauthenticated attacker w...

9.8

CVE-2019-17195

  • EPSS 5.19%
  • Veröffentlicht 15.10.2019 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:31:50

Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.

9.8

CVE-2019-17531

  • EPSS 1.19%
  • Veröffentlicht 12.10.2019 21:15:08
  • Zuletzt bearbeitet 21.11.2024 04:32:27

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-ext...

7.5

CVE-2019-17359

  • EPSS 7.63%
  • Veröffentlicht 08.10.2019 14:15:10
  • Zuletzt bearbeitet 12.05.2025 17:37:16

The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.

9.8

CVE-2019-17267

  • EPSS 1.2%
  • Veröffentlicht 07.10.2019 00:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:59

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.

9.8

CVE-2019-16942

  • EPSS 0.42%
  • Veröffentlicht 01.10.2019 17:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:23

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1....

9.8

CVE-2019-16943

  • EPSS 1.84%
  • Veröffentlicht 01.10.2019 17:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:23

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) ja...