Vulnerabilities > Oracle > Weblogic Server

DATE CVE VULNERABILITY TITLE RISK
2017-08-08 CVE-2017-10178 Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container).
network
low complexity
oracle
6.1
6.1
2017-08-08 CVE-2017-10148 Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components).
network
low complexity
oracle
5.8
5.8
2017-08-08 CVE-2017-10147 Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components).
network
low complexity
oracle
8.6
8.6
2017-08-08 CVE-2017-10137 Unspecified vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: JNDI).
network
low complexity
oracle
critical
 10.0
10
2017-08-08 CVE-2017-10123 Unspecified vulnerability in Oracle Weblogic Server 12.1.3.0.0
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container).
network
low complexity
oracle
4.3
4.3
2017-08-08 CVE-2017-10063 Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).
network
high complexity
oracle
4.8
4.8
2017-04-24 CVE-2017-3531 Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Servlet Runtime).
network
low complexity
oracle
7.2
7.2
2017-04-24 CVE-2017-3506 Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).
network
high complexity
oracle
7.4
7.4
2017-04-17 CVE-2017-5645 Deserialization of Untrusted Data vulnerability in multiple products
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.
network
low complexity
apache netapp redhat oracle CWE-502
critical
 9.8
9.8
2017-03-15 CVE-2016-7103 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. 		6.1
6.1