Oracle Weblogic Server vulnerabilities

306 known vulnerabilities affecting oracle/weblogic_server.

Total CVEs
306
CISA KEV
15
actively exploited
Public exploits
33
Exploited in wild
22
Severity breakdown
CRITICAL81HIGH92MEDIUM129LOW4

Vulnerabilities

Page 16 of 16
CVE-2010-0073CRITICALCVSS 10.0v7.0v8.1+5 more2010-04-14
CVE-2010-0073 [CRITICAL] CVE-2010-0073: Unspecified vulnerability in the WebLogic Server in Oracle WebLogic Server 7.0 SP7, 8.1 SP6, 9.0, 9. Unspecified vulnerability in the WebLogic Server in Oracle WebLogic Server 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, and 10.3.2 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
nvd
CVE-2008-3257CRITICALCVSS 10.0PoC≤ 10.32008-07-22
CVE-2008-3257 [CRITICAL] CWE-119 CVE-2008-3257: Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier allows remote attackers to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /.jsp" in an HTTP request.
nvd
CVE-2008-2579HIGHCVSS 7.5v6.1v7.0+5 more2008-07-15
CVE-2008-2579 [HIGH] CVE-2008-2579: Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers compone Unspecified vulnerability in the WebLogic Server Plugins for Apache, Sun and IIS web servers component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 has unknown impact and remote attack vectors.
nvd
CVE-2008-2578MEDIUMCVSS 4.3v9.2v10.02008-07-15
CVE-2008-2578 [MEDIUM] CVE-2008-2578: Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 and 9.2 Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 and 9.2 MP1 has unknown impact and local attack vectors.
nvd
CVE-2008-2576MEDIUMCVSS 4.4v8.1v9.0+2 more2008-07-15
CVE-2008-2576 [MEDIUM] CVE-2008-2576: Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2, 9.1, 9.0 Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2, 9.1, 9.0, and 8.1 SP6 has unknown impact and local attack vectors.
nvd
CVE-2008-2577MEDIUMCVSS 4.6v9.22008-07-15
CVE-2008-2577 [MEDIUM] CVE-2008-2577: Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2 MP1 has u Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2 MP1 has unknown impact and remote authenticated attack vectors.
nvd
← Previous16 / 16