Oracle

Weblogic Server

306 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2019-3739

  • EPSS 1.24%
  • Veröffentlicht 18.09.2019 23:15:11
  • Zuletzt bearbeitet 21.11.2024 04:42:26

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA key...

6.5

CVE-2019-3740

  • EPSS 1.24%
  • Veröffentlicht 18.09.2019 23:15:11
  • Zuletzt bearbeitet 21.11.2024 04:42:26

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys...

9.8

CVE-2019-14540

  • EPSS 7.08%
  • Veröffentlicht 15.09.2019 22:15:10
  • Zuletzt bearbeitet 21.11.2024 04:26:55

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.

9.8

CVE-2019-16335

  • EPSS 0.65%
  • Veröffentlicht 15.09.2019 22:15:10
  • Zuletzt bearbeitet 21.11.2024 04:30:32

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.

5.5

CVE-2019-12400

  • EPSS 0.59%
  • Veröffentlicht 23.08.2019 21:15:11
  • Zuletzt bearbeitet 21.11.2024 04:22:45

In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with t...

7.5

CVE-2019-10086

  • EPSS 0.32%
  • Veröffentlicht 20.08.2019 21:15:12
  • Zuletzt bearbeitet 21.11.2024 04:18:22

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by defa...

9.8

CVE-2019-2856

  • EPSS 2.71%
  • Veröffentlicht 23.07.2019 23:15:45
  • Zuletzt bearbeitet 21.11.2024 04:41:41

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Application Container - JavaEE). Supported versions that are affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker wit...

5.5

CVE-2019-2827

  • EPSS 0.5%
  • Veröffentlicht 23.07.2019 23:15:44
  • Zuletzt bearbeitet 21.11.2024 04:41:38

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privil...

5.5

CVE-2019-2824

  • EPSS 0.5%
  • Veröffentlicht 23.07.2019 23:15:43
  • Zuletzt bearbeitet 21.11.2024 04:41:38

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privil...

9.8

CVE-2019-2729

Exploit
  • EPSS 94.36%
  • Veröffentlicht 19.06.2019 23:15:10
  • Zuletzt bearbeitet 21.11.2024 04:41:26

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated at...