Oracle

Weblogic Server

309 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2017-10137

  • EPSS 4.73%
  • Veröffentlicht 08.08.2017 15:29:04
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: JNDI). Supported versions that are affected are 10.3.6.0 and 12.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network acce...

8.6

CVE-2017-10147

  • EPSS 8.63%
  • Veröffentlicht 08.08.2017 15:29:04
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. Easily exploitable vulnerability allows unauthentic...

5.8

CVE-2017-10148

  • EPSS 2.25%
  • Veröffentlicht 08.08.2017 15:29:04
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. Easily exploitable vulnerability allows unauthentic...

5.8

CVE-2017-10063

  • EPSS 0.96%
  • Veröffentlicht 08.08.2017 15:29:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.1 and 12.2.1.2. Difficult to exploit vulnerability allows unauthentica...

7.4

CVE-2017-3506

Warnung
  • EPSS 94.39%
  • Veröffentlicht 24.04.2017 19:59:03
  • Zuletzt bearbeitet 22.04.2026 13:39:47

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1 and 12.2.1.2. Difficult to exploit vulnerability allows un...

7.2

CVE-2017-3531

  • EPSS 1.19%
  • Veröffentlicht 24.04.2017 19:59:03
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Servlet Runtime). Supported versions that are affected are 12.1.3.0, 12.2.1.0, 12.2.1.1 and 12.2.1.2. Easily "exploitable" vulnerability allows unauthent...

9.8

CVE-2017-5645

  • EPSS 94.01%
  • Veröffentlicht 17.04.2017 21:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

6.1

CVE-2016-7103

Exploit
  • EPSS 1.4%
  • Veröffentlicht 15.03.2017 16:59:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.

10

CVE-2017-5638

Warnung Medienbericht Exploit
  • EPSS 94.27%
  • Veröffentlicht 11.03.2017 02:59:00
  • Zuletzt bearbeitet 21.04.2026 17:04:11

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a...

9.8

CVE-2017-3248

  • EPSS 91.19%
  • Veröffentlicht 27.01.2017 22:59:02
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0 and 12.2.1.1. Easily exploitable vulnerability allows unauthentic...