Vulnerabilities > Oracle > Weblogic Server
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-04-24 | CVE-2017-3506 | Remote Security vulnerability in Oracle WebLogic Server Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). network oracle | 5.8 |
2017-04-17 | CVE-2017-5645 | Deserialization of Untrusted Data vulnerability in multiple products In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. | 9.8 |
2017-03-15 | CVE-2016-7103 | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. | 6.1 |
2017-01-27 | CVE-2017-3248 | Remote Security vulnerability in Oracle WebLogic Server Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). | 7.5 |
2016-10-25 | CVE-2016-5601 | Improper Access Control vulnerability in Oracle Weblogic Server 12.1.3.0.0/12.2.1.0.0/12.2.1.1.0 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components. | 3.3 |
2016-10-25 | CVE-2016-5535 | Remote Code Execution vulnerability in Oracle WebLogic Server Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | 7.5 |
2016-10-25 | CVE-2016-5531 | Remote Security vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.0.0 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS-WebServices. | 7.5 |
2016-10-25 | CVE-2016-5488 | Remote Security vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.3.0 allows remote attackers to affect availability via vectors related to Web Container, a different vulnerability than CVE-2016-3445. | 5.0 |
2016-10-25 | CVE-2016-3551 | Remote Security vulnerability in Oracle Fusion Middleware Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXWS Web Services Stack. | 10.0 |
2016-10-25 | CVE-2016-3505 | Remote Security vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0/12.2.1.0.0 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to JavaServer Faces. | 9.0 |