Vulnerabilities > Oracle > Weblogic Server > 14.1.1.0.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-20 | CVE-2021-35552 | Unspecified vulnerability in Oracle Weblogic Server 12.2.1.3.0/12.2.1.4.0/14.1.1.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Diagnostics). | 5.0 |
| 2021-09-19 | CVE-2021-40690 | Information Exposure vulnerability in multiple products All versions of Apache Santuario - XML Security for Java prior to 2.2.3 and 2.1.7 are vulnerable to an issue where the "secureValidation" property is not passed correctly when creating a KeyInfo from a KeyInfoReference element. | 7.5 |
| 2021-07-21 | CVE-2021-2351 | Session Fixation vulnerability in Oracle products Vulnerability in the Advanced Networking Option component of Oracle Database Server. | 8.3 |
| 2021-07-21 | CVE-2021-2376 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). | 5.0 |
| 2021-07-21 | CVE-2021-2378 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 5.0 |
| 2021-07-21 | CVE-2021-2382 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Security). | 7.5 |
| 2021-07-21 | CVE-2021-2394 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 10.0 |
| 2021-07-21 | CVE-2021-2397 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 7.5 |
| 2021-07-21 | CVE-2021-2403 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 5.0 |
| 2021-05-26 | CVE-2021-28170 | Expression Language Injection vulnerability in multiple products In the Jakarta Expression Language implementation 3.0.3 and earlier, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid. | 5.0 |