Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server 9.0 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2006-0430
Certain configurations of BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 through SP6, when connection filters are enabled, cause the server to run more slowly, which makes it easier for remote malicious users to cause a denial of service (server slowdown).
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
481
VMScore
CVE-2007-2704
BEA WebLogic Server 9.0 up to and including 9.2 allows remote malicious users to cause a denial of service (SSL port unavailability) by accessing a half-closed SSL socket.
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server 9.2
445
VMScore
CVE-2007-0420
BEA WebLogic Server 9.0, 9.1, and 9.2 Gold allows remote malicious users to obtain sensitive information via malformed HTTP requests, which reveal data from previous requests.
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server 9.2
445
VMScore
CVE-2007-0422
BEA WebLogic Server 9.0, 9.1, and 9.2 Gold, when running on Solaris 9, allows remote malicious users to cause a denial of service (server inaccessibility) via manipulated socket connections.
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server 9.2
570
VMScore
CVE-2006-0419
BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 through SP6 allows anonymous binds to the embedded LDAP server, which allows remote malicious users to read user entries or cause a denial of service (unspecified) via a large number of connections.
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
383
VMScore
CVE-2008-0869
Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 up to and including 10.0 allows remote malicious users to inject arbitrary web script or HTML via a "framework defined request parameter" when using WebLogic ...
Bea Weblogic Workshop 8.1
Bea Weblogic Server 9.2
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Systems Weblogic 10.0
645
VMScore
CVE-2010-2375
Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote malicious users to affect confidentiality and inte...
Oracle Weblogic Server 10.3.2.0.0
Bea Weblogic Server 9.2
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Systems Weblogic Server 10.0
Oracle Weblogic Server 10.3.3.0.0
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
1 EDB exploit
1000
VMScore
CVE-2008-3257
Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and previous versions allows remote malicious users to execute arbitrary code via a long HTTP version string, as demonstrated by a string after "POST /....
Bea Weblogic Server 3.1.8
Bea Weblogic Server 4.5.1
Bea Weblogic Server 4.5.2
Bea Weblogic Server 5.1
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server 10.0
Bea Weblogic Server 6.0
Bea Weblogic Server 9.2
Bea Weblogic Server 4.0
Bea Weblogic Server 4.0.4
Bea Systems Apache Connector In Weblogic Server
Bea Weblogic Server 4.5
Bea Systems Weblogic Server 10.0 Mp1
Oracle Weblogic Server
2 EDB exploits
1 Github repository
668
VMScore
CVE-2007-0416
The WSEE runtime (WS-Security runtime) in BEA WebLogic Server 9.0 and 9.1 does not verify credentials when decrypting client messages, which allows remote malicious users to bypass application security.
Bea Weblogic Server 9.1
Bea Weblogic Server 9.0
632
VMScore
CVE-2007-2699
The Administration Console in BEA WebLogic Express and WebLogic Server 9.0 and 9.1 does not properly enforce certain Domain Security Policies, which allows remote administrative users in the Deployer role to upload arbitrary files.
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »