Vulnerabilities > Oracle > Weblogic Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-17 | CVE-2020-5397 | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. | 5.3 |
| 2020-01-17 | CVE-2020-5398 | Download of Code Without Integrity Check vulnerability in multiple products In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input. | 7.5 |
| 2020-01-15 | CVE-2020-2552 | Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). | 4.8 |
| 2020-01-15 | CVE-2020-2551 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). | 9.8 |
| 2020-01-15 | CVE-2020-2550 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). | 5.1 |
| 2020-01-15 | CVE-2020-2549 | Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). | 7.2 |
| 2020-01-15 | CVE-2020-2548 | Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). | 4.8 |
| 2020-01-15 | CVE-2020-2547 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). | 4.8 |
| 2020-01-15 | CVE-2020-2546 | Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Application Container - JavaEE). | 9.8 |
| 2020-01-15 | CVE-2020-2544 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). | 4.3 |