Vulnerabilities > Oracle > Weblogic Server
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-16 | CVE-2018-1324 | Infinite Loop vulnerability in multiple products A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. | 5.5 |
| 2018-01-18 | CVE-2015-9251 | Cross-site Scripting vulnerability in multiple products jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. | 6.1 |
| 2018-01-18 | CVE-2018-2625 | Unspecified vulnerability in Oracle Weblogic Server 12.1.3.0.0/12.2.1.2.0/12.2.1.3.0 Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). | 5.3 |
| 2017-12-01 | CVE-2017-15707 | Improper Input Validation vulnerability in multiple products In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload. | 6.2 |
| 2017-11-13 | CVE-2016-8610 | Resource Exhaustion vulnerability in multiple products A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. | 7.5 |
| 2017-10-19 | CVE-2017-10352 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). | 9.9 |
| 2017-10-19 | CVE-2017-10336 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container). | 5.3 |
| 2017-10-19 | CVE-2017-10334 | Information Exposure vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container). | 4.3 |
| 2017-10-19 | CVE-2017-10271 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Security). | 7.5 |
| 2017-10-19 | CVE-2017-10152 | Information Exposure vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0 Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container). | 6.5 |