Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server 9.2 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-0895
BEA WebLogic Server and WebLogic Express 6.1 up to and including 10.0 allows remote malicious users to bypass authentication for application servlets via crafted request headers.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 10.0
Bea Weblogic Server 9.1
Bea Weblogic Server 9.2
NA
CVE-2008-0869
Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 up to and including 10.0 allows remote malicious users to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic ...
Bea Weblogic Workshop 8.1
Bea Weblogic Server 9.2
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Systems Weblogic 10.0
NA
CVE-2008-0901
BEA WebLogic Server and Express 7.0 up to and including 10.0 allows remote malicious users to conduct brute force password guessing attacks, even when account lockout has been activated, via crafted URLs that indicate whether a guessed password is successful or not.
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.2
Bea Weblogic Server 10.0
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Systems Weblogic Server 10.0 Mp1
NA
CVE-2010-2375
Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote malicious users to affect confidentiality and inte...
Oracle Weblogic Server 10.3.2.0.0
Bea Weblogic Server 9.2
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Systems Weblogic Server 10.0
Oracle Weblogic Server 10.3.3.0.0
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
1 EDB exploit
NA
CVE-2008-3257
Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and previous versions allows remote malicious users to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /....
Bea Weblogic Server 3.1.8
Bea Weblogic Server 4.5.1
Bea Weblogic Server 4.5.2
Bea Weblogic Server 5.1
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server 10.0
Bea Weblogic Server 6.0
Bea Weblogic Server 9.2
Bea Weblogic Server 4.0
Bea Weblogic Server 4.0.4
Bea Systems Apache Connector In Weblogic Server
Bea Weblogic Server 4.5
Bea Systems Weblogic Server 10.0 Mp1
Oracle Weblogic Server
2 EDB exploits
1 Github repository
NA
CVE-2007-4615
The SSL client implementation in BEA WebLogic Server 7.0 SP7, 8.1 SP2 through SP6, 9.0, 9.1, 9.2 Gold through MP2, and 10.0 sometimes selects the null cipher when others are available, which might allow remote malicious users to intercept communications.
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server
Bea Weblogic Server 10.0
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
NA
CVE-2008-2581
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors related to UDDI Explorer.
Oracle Bea Product Suite 10.0
Oracle Bea Product Suite 7.0
Oracle Weblogic Server Component 8.1
Oracle Weblogic Server Component 9.0
Oracle Bea Product Suite 8.1
Oracle Bea Product Suite 9.0
Oracle Weblogic Server Component 9.1
Oracle Weblogic Server Component 9.2
Oracle Bea Product Suite 9.1
Oracle Bea Product Suite 9.2
Oracle Weblogic Server Component 10.0
Oracle Weblogic Server Component 7.0
NA
CVE-2008-0903
Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and prior to 9.2 MP3 and 10.0 MP2, allows remote malicious users to cause a denial of service (web server crash) via a crafted URL.
Bea Systems Weblogic Server
Bea Systems Weblogic Express
NA
CVE-2008-2580
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 has unknown impact and remote attack vectors.
Oracle Bea Product Suite
Oracle Bea Product Suite 10.0
Oracle Bea Product Suite 9.0
Oracle Bea Product Suite 9.1
Oracle Bea Product Suite 9.2
Oracle Weblogic Server Component
NA
CVE-2008-2582
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors.
Oracle Bea Product Suite 9.0
Oracle Bea Product Suite 9.1
Oracle Bea Product Suite 9.2
Oracle Weblogic Server Component
Oracle Bea Product Suite 10.0
Oracle Bea Product Suite 7.0
Oracle Bea Product Suite 8.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »