Vulnerabilities > Oracle > Weblogic Server > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-15 | CVE-2024-21216 | Unspecified vulnerability in Oracle Weblogic Server 12.2.1.4.0/14.1.1.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 9.8 |
| 2022-04-25 | CVE-2022-23457 | ESAPI (The OWASP Enterprise Security API) is a free, open source, web application security control library. | 9.8 |
| 2022-04-01 | CVE-2022-22965 | Code Injection vulnerability in multiple products A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. | 9.8 |
| 2022-01-18 | CVE-2022-23305 | SQL Injection vulnerability in multiple products By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. | 9.8 |
| 2021-12-17 | CVE-2021-23450 | All versions of package dojo are vulnerable to Prototype Pollution via the setObject function. | 9.8 |
| 2021-03-23 | CVE-2021-21347 | XStream is a Java library to serialize objects to XML and back again. | 9.8 |
| 2021-03-23 | CVE-2021-21350 | XStream is a Java library to serialize objects to XML and back again. | 9.8 |
| 2020-07-15 | CVE-2020-14625 | Unspecified vulnerability in Oracle Weblogic Server 12.2.1.3.0/12.2.1.4.0/14.1.1.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 9.8 |
| 2020-07-15 | CVE-2020-14644 | Unspecified vulnerability in Oracle Weblogic Server 12.2.1.3.0/12.2.1.4.0/14.1.1.0.0 Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 9.8 |
| 2020-07-15 | CVE-2020-14645 | Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). | 9.8 |