Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2007-0410
Unspecified vulnerability in the thread management in BEA WebLogic 7.0 up to and including 7.0 SP6, 8.1 up to and including 8.1 SP5, 9.0, and 9.1, when T3 authentication is used, allows remote malicious users to cause a denial of service (thread and system hang) via unspecified &...
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.1
Bea Weblogic Server 9.0
5
CVSSv2
CVE-2007-0412
BEA WebLogic Server 6.1 up to and including 6.1 SP7, 7.0 up to and including 7.0 SP7, and 8.1 up to and including 8.1 SP5 allows remote malicious users to read arbitrary files inside the class-path property via .ear or exploded .ear files that use the manifest class-path property...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
5
CVSSv2
CVE-2007-0414
BEA WebLogic Server 6.1 up to and including 6.1 SP7, 7.0 up to and including 7.0 SP6, 8.1 up to and including 8.1 SP5, and 9.0 allows remote malicious users to cause a denial of service (server hang) via certain requests that cause muxer threads to block when processing error pag...
Bea Weblogic Server
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
5
CVSSv2
CVE-2007-0419
The BEA WebLogic Server proxy plug-in before June 2006 for the Apache HTTP Server does not properly handle protocol errors, which allows remote malicious users to cause a denial of service (server outage).
Bea Weblogic Server
5
CVSSv2
CVE-2007-0420
BEA WebLogic Server 9.0, 9.1, and 9.2 Gold allows remote malicious users to obtain sensitive information via malformed HTTP requests, which reveal data from previous requests.
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server 9.2
5
CVSSv2
CVE-2007-0422
BEA WebLogic Server 9.0, 9.1, and 9.2 Gold, when running on Solaris 9, allows remote malicious users to cause a denial of service (server inaccessibility) via manipulated socket connections.
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server 9.2
5
CVSSv2
CVE-2007-0424
Unspecified vulnerability in the BEA WebLogic Server proxy plug-in for Netscape Enterprise Server before September 2006 for Netscape Enterprise Server allow remote malicious users to cause a denial of service via certain requests that trigger errors that lead to a server being ma...
Bea Weblogic Server
5
CVSSv2
CVE-2007-0415
BEA WebLogic Server 8.1 up to and including 8.1 SP5 does not properly enforce access control after a dynamic update and dynamic redeployment of an application that is implemented through exploded jars, which allows malicious users to bypass intended access restrictions.
Bea Weblogic Server 8.1
Bea Weblogic Server
5
CVSSv2
CVE-2006-2546
A recommended admin password reset mechanism for BEA WebLogic Server 8.1, when followed before October 10, 2005, causes the administrator password to be stored in cleartext in the domain directory, which could allow malicious users to gain privileges.
Bea Weblogic Server 8.1
5
CVSSv2
CVE-2006-2471
Multiple vulnerabilities in BEA WebLogic Server 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 leak sensitive information to remote attackers, including (1) DNS and IP addresses to address to T3 clients, (2) internal sensitive information using GetIORServlet, (3) certain &...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
CVE-2023-52162
CVE-2024-23670
CVE-2024-5404
man-in-the-middle
CVE-2024-5214
CVE-2024-4358
CVE-2024-20696
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »