Oracle

Weblogic Server

322 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 11.03%
  • Veröffentlicht 15.10.2019 14:15:12
  • Zuletzt bearbeitet 21.11.2024 04:31:50

Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.

  • EPSS 5.33%
  • Veröffentlicht 12.10.2019 21:15:08
  • Zuletzt bearbeitet 21.11.2024 04:32:27

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-ext...

  • EPSS 8.95%
  • Veröffentlicht 08.10.2019 14:15:10
  • Zuletzt bearbeitet 12.05.2025 17:37:16

The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.

  • EPSS 4.59%
  • Veröffentlicht 07.10.2019 00:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:59

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup.

  • EPSS 5.68%
  • Veröffentlicht 01.10.2019 17:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:23

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1....

  • EPSS 4.86%
  • Veröffentlicht 01.10.2019 17:15:10
  • Zuletzt bearbeitet 21.11.2024 04:31:23

A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) ja...

  • EPSS 2.54%
  • Veröffentlicht 18.09.2019 23:15:11
  • Zuletzt bearbeitet 21.11.2024 04:42:26

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to Information Exposure Through Timing Discrepancy vulnerabilities during ECDSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover ECDSA key...

  • EPSS 3.75%
  • Veröffentlicht 18.09.2019 23:15:11
  • Zuletzt bearbeitet 21.11.2024 04:42:26

RSA BSAFE Crypto-J versions prior to 6.2.5 are vulnerable to an Information Exposure Through Timing Discrepancy vulnerabilities during DSA key generation. A malicious remote attacker could potentially exploit those vulnerabilities to recover DSA keys...

  • EPSS 10.68%
  • Veröffentlicht 15.09.2019 22:15:10
  • Zuletzt bearbeitet 21.11.2024 04:26:55

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.

  • EPSS 4.92%
  • Veröffentlicht 15.09.2019 22:15:10
  • Zuletzt bearbeitet 21.11.2024 04:30:32

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.