cbcvebase.

Oracle Weblogic Server vulnerabilities

309 known vulnerabilities affecting oracle/weblogic_server.

Total CVEs
309
CISA KEV
16
actively exploited
Public exploits
33
Exploited in wild
22
Severity breakdown
CRITICAL81HIGH94MEDIUM130LOW4

Vulnerabilities

Page 15 of 16
CVE-2016-3551CRITICALCVSS 9.8v11.1.1.7.0v11.1.1.9.0+2 more2016-10-25
CVE-2016-3551 [CRITICAL] CVE-2016-3551: Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 11.1.1.7. Unspecified vulnerability in the Oracle Web Services component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JAXWS Web Services Stack.
nvd
CVE-2016-5531CRITICALCVSS 9.8v10.3.6.0.0v12.1.3.0.0+1 more2016-10-25
CVE-2016-5531 [CRITICAL] CVE-2016-5531: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS-WebServices.
nvd
CVE-2016-5535CRITICALCVSS 9.8v10.3.6.0.0v12.1.3.0.0+2 more2016-10-25
CVE-2016-5535 [CRITICAL] CVE-2016-5535: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
nvd
CVE-2016-3505HIGHCVSS 8.8v10.3.6.0.0v12.1.3.0.0+1 more2016-10-25
CVE-2016-3505 [HIGH] CVE-2016-3505: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to JavaServer Faces.
nvd
CVE-2016-5601MEDIUMCVSS 6.3v12.1.3.0.0v12.2.1.0.0+1 more2016-10-25
CVE-2016-5601 [MEDIUM] CWE-284 CVE-2016-5601: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0, 12.2.1.0, and 12.2.1.1 allows local users to affect confidentiality and integrity via vectors related to CIE Related Components.
nvd
CVE-2016-5488MEDIUMCVSS 5.3v10.3.6.0.0v12.1.3.0.02016-10-25
CVE-2016-5488 [MEDIUM] CVE-2016-5488: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.3.0 allows remote attackers to affect availability via vectors related to Web Container, a different vulnerability than CVE-2016-3445.
nvd
CVE-2016-3510CRITICALCVSS 9.8PoCv10.3.6.0.0v12.1.3.0.0+1 more2016-07-21
CVE-2016-3510 [CRITICAL] CVE-2016-3510: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-3586.
nvd
CVE-2016-3499CRITICALCVSS 9.8v12.1.3.0.0v12.2.1.0.02016-07-21
CVE-2016-3499 [CRITICAL] CVE-2016-3499: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 12.1.3.0 and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Web Container.
nvd
CVE-2016-3586CRITICALCVSS 9.8PoCv10.3.6.0.0v12.1.3.0.0+1 more2016-07-21
CVE-2016-3586 [CRITICAL] CVE-2016-3586: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-3510.
nvd
CVE-2016-3445MEDIUMCVSS 5.3v10.3.6.0.0v12.1.3.0.02016-07-21
CVE-2016-3445 [MEDIUM] CVE-2016-3445: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6.0 and 12.1.3.0 allows remote attackers to affect availability via vectors related to Web Container, a different vulnerability than CVE-2016-5488.
nvd
CVE-2016-0638CRITICALCVSS 9.8v10.3.6.0.0v12.1.2.0.0+2 more2016-04-21
CVE-2016-0638 [CRITICAL] CVE-2016-0638: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Messaging Service.
nvd
CVE-2016-0696MEDIUMCVSS 5.4v10.3.6.0.02016-04-21
CVE-2016-0696 [MEDIUM] CVE-2016-0696: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 allows remote attackers to affect confidentiality and integrity via vectors related to Console.
nvd
CVE-2016-3416MEDIUMCVSS 6.1v10.3.6.0.0v12.1.2.0.0+2 more2016-04-21
CVE-2016-3416 [MEDIUM] CVE-2016-3416: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality and integrity via vectors related to Console.
nvd
CVE-2016-0700MEDIUMCVSS 6.1v10.3.6.0.0v12.1.2.0.0+1 more2016-04-21
CVE-2016-0700 [MEDIUM] CVE-2016-0700: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Console, a different vulnerability than CVE-2016-0675.
nvd
CVE-2016-0675MEDIUMCVSS 6.1v10.3.6.0.0v12.1.2.0.0+1 more2016-04-21
CVE-2016-0675 [MEDIUM] CVE-2016-0675: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect confidentiality and integrity via vectors related to Console, a different vulnerability than CVE-2016-0700.
nvd
CVE-2016-0688LOWCVSS 3.7v10.3.6.0.0v12.1.2.0.0+1 more2016-04-21
CVE-2016-0688 [LOW] CVE-2016-0688: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, and 12.1.3 allows remote attackers to affect integrity via vectors related to Core Components.
nvd
CVE-2016-0573HIGHCVSS 7.5v10.3.6.0.0v12.1.2.0.0+2 more2016-01-21
CVE-2016-0573 [HIGH] CVE-2016-0573: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Java Messaging Service.
nvd
CVE-2016-0574HIGHCVSS 7.5v10.3.6.0.0v12.1.2.0.0+2 more2016-01-21
CVE-2016-0574 [HIGH] CVE-2016-0574: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-0577.
nvd
CVE-2016-0577HIGHCVSS 7.5v10.3.6.0.0v12.1.2.0.0+2 more2016-01-21
CVE-2016-0577 [HIGH] CVE-2016-0577: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to WLS Core Components, a different vulnerability than CVE-2016-0574.
nvd
CVE-2016-0572HIGHCVSS 7.5v10.3.6.0.0v12.1.2.0.0+2 more2016-01-21
CVE-2016-0572 [HIGH] CVE-2016-0572: Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Coherence Container.
nvd
← Previous15 / 16Next →
Oracle Weblogic Server vulnerabilities | cvebase