Vulnerabilities > Oracle > Weblogic Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-15 | CVE-2020-2519 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). | 4.3 |
| 2020-01-03 | CVE-2019-20330 | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking. | 9.8 |
| 2019-12-20 | CVE-2019-17571 | Deserialization of Untrusted Data vulnerability in multiple products Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. | 9.8 |
| 2019-11-08 | CVE-2019-10219 | Cross-site Scripting vulnerability in multiple products A vulnerability was found in Hibernate-Validator. | 6.1 |
| 2019-10-16 | CVE-2019-2891 | Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). | 8.1 |
| 2019-10-16 | CVE-2019-2890 | Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). | 7.2 |
| 2019-10-16 | CVE-2019-2889 | Unspecified vulnerability in Oracle Weblogic Server 12.2.1.3.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Sample apps). | 6.1 |
| 2019-10-16 | CVE-2019-2888 | Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: EJB Container). | 5.3 |
| 2019-10-16 | CVE-2019-2887 | Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.3.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). | 4.3 |
| 2019-10-15 | CVE-2019-17195 | Improper Handling of Exceptional Conditions vulnerability in multiple products Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass. | 9.8 |