Vulnerabilities > Oracle > Weblogic Server > 12.2.1.1.0

DATE CVE VULNERABILITY TITLE RISK
2017-04-24 CVE-2017-3506 Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).
network
high complexity
oracle
7.4
2017-03-11 CVE-2017-5638 Improper Handling of Exceptional Conditions vulnerability in multiple products
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string.
network
low complexity
apache ibm lenovo hp oracle arubanetworks netapp CWE-755
critical
9.8
2017-01-27 CVE-2017-3248 Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components).
network
low complexity
oracle
critical
9.8
2016-10-25 CVE-2016-5601 Improper Access Control vulnerability in Oracle Weblogic Server 12.1.3.0.0/12.2.1.0.0/12.2.1.1.0
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components.
local
low complexity
oracle CWE-284
6.3
2016-10-25 CVE-2016-5535 Unspecified vulnerability in Oracle Weblogic Server
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
network
low complexity
oracle
critical
9.8