Vulnerabilities > Oracle > Weblogic Server > 12.2.1.4.0

DATE CVE VULNERABILITY TITLE RISK
2020-01-15 CVE-2020-2544 Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console).
network
low complexity
oracle
4.3
4.3
2020-01-15 CVE-2020-2519 Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console).
network
low complexity
oracle
4.3
4.3
2020-01-03 CVE-2019-20330 Deserialization of Untrusted Data vulnerability in multiple products
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking.
network
low complexity
fasterxml oracle debian netapp CWE-502
critical
 9.8
9.8
2019-12-20 CVE-2019-17571 Deserialization of Untrusted Data vulnerability in multiple products
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data.
network
low complexity
apache debian canonical opensuse netapp oracle CWE-502
critical
 9.8
9.8
2019-11-08 CVE-2019-10219 A vulnerability was found in Hibernate-Validator.
network
low complexity
redhat netapp oracle
6.1
6.1
2019-10-15 CVE-2019-17195 Improper Handling of Exceptional Conditions vulnerability in multiple products
Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.
network
low complexity
connect2id apache oracle CWE-755
critical
 9.8
9.8
2019-10-12 CVE-2019-17531 Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.
network
low complexity
fasterxml debian redhat oracle netapp CWE-502
critical
 9.8
9.8
2019-10-08 CVE-2019-17359 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data.
network
low complexity
bouncycastle apache netapp oracle CWE-770
7.5
7.5
2019-10-01 CVE-2019-16943 Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.
network
low complexity
fasterxml debian fedoraproject redhat oracle netapp CWE-502
critical
 9.8
9.8
2019-10-01 CVE-2019-16942 Deserialization of Untrusted Data vulnerability in multiple products
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10.
network
low complexity
fasterxml debian fedoraproject redhat netapp oracle CWE-502
critical
 9.8
9.8