Vulnerabilities > Oracle > Weblogic Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-01-18 CVE-2018-2625 Unspecified vulnerability in Oracle Weblogic Server 12.1.3.0.0/12.2.1.2.0/12.2.1.3.0
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).
network
low complexity
oracle
5.3
2017-12-01 CVE-2017-15707 Improper Input Validation vulnerability in multiple products
In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload.
local
low complexity
apache netapp oracle CWE-20
6.2
2017-10-19 CVE-2017-10336 Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container).
network
low complexity
oracle
5.3
2017-10-19 CVE-2017-10334 Information Exposure vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container).
network
low complexity
oracle CWE-200
4.3
2017-10-19 CVE-2017-10152 Information Exposure vulnerability in Oracle Weblogic Server 10.3.6.0.0/12.1.3.0.0
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container).
network
low complexity
oracle CWE-200
6.5
2017-08-08 CVE-2017-10178 Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container).
network
low complexity
oracle
6.1
2017-08-08 CVE-2017-10148 Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Core Components).
network
low complexity
oracle
5.8
2017-08-08 CVE-2017-10123 Unspecified vulnerability in Oracle Weblogic Server 12.1.3.0.0
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Container).
network
low complexity
oracle
4.3
2017-08-08 CVE-2017-10063 Unspecified vulnerability in Oracle Weblogic Server
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).
network
high complexity
oracle
4.8
2017-03-15 CVE-2016-7103 Cross-site Scripting vulnerability in multiple products
Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.
6.1