Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2018-01-18	CVE-2015-9251	Cross-site Scripting vulnerability in multiple products jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed. network low complexity jquery oracle CWE-79	6.1
2018-01-18	CVE-2018-2625	Unspecified vulnerability in Oracle Weblogic Server 12.1.3.0.0/12.2.1.2.0/12.2.1.3.0 Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). network low complexity oracle	5.3
2017-12-01	CVE-2017-15707	Improper Input Validation vulnerability in multiple products In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload. local low complexity apache netapp oracle CWE-20	6.2
2017-10-19	CVE-2017-10336	Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container). network low complexity oracle	5.3
2017-10-19	CVE-2017-10334	Information Exposure vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container). network low complexity oracle CWE-200	4.3
2017-10-19	CVE-2017-10152	Information Exposure vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0 Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container). network low complexity oracle CWE-200	6.5
2017-08-08	CVE-2017-10178	Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container). network low complexity oracle	6.1
2017-08-08	CVE-2017-10148	Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components). network low complexity oracle	5.8
2017-08-08	CVE-2017-10123	Unspecified vulnerability in Oracle Weblogic Server 12.1.3.0.0 Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container). network low complexity oracle	4.3
2017-08-08	CVE-2017-10063	Unspecified vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). network high complexity oracle	4.8