Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server 6.1 vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2007-4613
SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP5 might allow remote malicious users to obtain plaintext from an SSL stream via a man-in-the-middle attack that injects crafted data and measures the elapsed time before an err...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 6.0
694
VMScore
CVE-2007-4617
Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP4 allows remote malicious users to cause a denial of service (server thread hang) via unspecified vectors.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 6.0
445
VMScore
CVE-2003-1220
BEA WebLogic Server proxy plugin for BEA Weblogic Express and Server 6.1 up to and including 8.1 SP 1 allows remote malicious users to cause a denial of service (proxy plugin crash) via a malformed URL.
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0.0.1
445
VMScore
CVE-2003-1223
The Node Manager for BEA WebLogic Express and Server 6.1 up to and including 8.1 SP 1 allows remote malicious users to cause a denial of service (Node Manager crash) via malformed data to the Node Manager's port, as demonstrated by nmap.
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0.0.1
490
VMScore
CVE-2004-2696
BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, when using Remote Method Invocation (RMI) over Internet Inter-ORB Protocol (IIOP), does not properly handle when multiple logins for different users coming from the same client, which could cause an "unexpected user...
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 6.1
516
VMScore
CVE-2004-2320
The default configuration of BEA WebLogic Server and Express 8.1 SP2 and previous versions, 7.0 SP4 and previous versions, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote malicious users to steal information using cross-site tracin...
Bea Weblogic Server 5.1
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 6.1
668
VMScore
CVE-2002-2142
An undocumented extension for the Servlet mappings in the Servlet 2.3 specification, when upgrading to WebLogic Server and Express 7.0 Service Pack 1 from BEA WebLogic Server and Express 6.0 up to and including 7.0.0.1, does not prepend a "/" character in certain URL pa...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 6.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Integration 7.0
570
VMScore
CVE-2008-0895
BEA WebLogic Server and WebLogic Express 6.1 up to and including 10.0 allows remote malicious users to bypass authentication for application servlets via crafted request headers.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 9.2
Bea Weblogic Server 9.1
Bea Weblogic Server 10.0
445
VMScore
CVE-2005-4704
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 8.1 through SP3, 7.0 through SP6, and 6.1 through SP7, when SSL is intended to be used, causes an unencrypted protocol to be used in certain unspecified circumstances, which causes user credentials to be sent a...
Bea Weblogic Server 6.1
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
107
VMScore
CVE-2005-4761
BEA WebLogic Server and WebLogic Express 8.1 SP4 and previous versions, 7.0 SP5 and previous versions, and 6.1 SP7 and previous versions log the Java command line at server startup, which might include sensitive information (passwords or keyphrases) in the server log file when th...
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 6.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »