Oracle

Weblogic Server

309 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2021-41182

Exploit
  • EPSS 27.51%
  • Veröffentlicht 26.10.2021 15:15:10
  • Zuletzt bearbeitet 21.11.2024 06:25:41

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any str...

6.1

CVE-2021-41183

Exploit
  • EPSS 2.92%
  • Veröffentlicht 26.10.2021 15:15:10
  • Zuletzt bearbeitet 21.11.2024 06:25:42

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The v...

6.1

CVE-2021-41184

  • EPSS 25.37%
  • Veröffentlicht 26.10.2021 15:15:10
  • Zuletzt bearbeitet 04.11.2025 16:15:43

jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string v...

5

CVE-2021-35620

  • EPSS 3.45%
  • Veröffentlicht 20.10.2021 11:17:12
  • Zuletzt bearbeitet 21.11.2024 06:12:39

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthe...

7.5

CVE-2021-35617

  • EPSS 4.21%
  • Veröffentlicht 20.10.2021 11:17:11
  • Zuletzt bearbeitet 21.11.2024 06:12:39

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Coherence Container). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unau...

5.3

CVE-2021-35552

  • EPSS 1.18%
  • Veröffentlicht 20.10.2021 11:16:32
  • Zuletzt bearbeitet 21.11.2024 06:12:30

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Diagnostics). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker...

7.5

CVE-2021-40690

  • EPSS 0.28%
  • Veröffentlicht 19.09.2021 18:15:07
  • Zuletzt bearbeitet 21.11.2024 06:24:34

All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. This allows an attacke...

5

CVE-2021-2403

  • EPSS 1.82%
  • Veröffentlicht 21.07.2021 15:15:49
  • Zuletzt bearbeitet 21.11.2024 06:03:03

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthe...

7.5

CVE-2021-2397

  • EPSS 2.32%
  • Veröffentlicht 21.07.2021 15:15:45
  • Zuletzt bearbeitet 21.11.2024 06:03:02

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthe...

10

CVE-2021-2394

  • EPSS 90.16%
  • Veröffentlicht 21.07.2021 15:15:43
  • Zuletzt bearbeitet 21.11.2024 06:03:02

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthe...