Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server 7.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-1223
The Node Manager for BEA WebLogic Express and Server 6.1 up to and including 8.1 SP 1 allows remote malicious users to cause a denial of service (Node Manager crash) via malformed data to the Node Manager's port, as demonstrated by nmap.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
NA
CVE-2004-2320
The default configuration of BEA WebLogic Server and Express 8.1 SP2 and previous versions, 7.0 SP4 and previous versions, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote malicious users to steal information using cross-site tracin...
Bea Weblogic Server 5.1
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
NA
CVE-2007-4613
SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP5 might allow remote malicious users to obtain plaintext from an SSL stream via a man-in-the-middle attack that injects crafted data and measures the elapsed time before an err...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 6.0
NA
CVE-2007-0410
Unspecified vulnerability in the thread management in BEA WebLogic 7.0 up to and including 7.0 SP6, 8.1 up to and including 8.1 SP5, 9.0, and 9.1, when T3 authentication is used, allows remote malicious users to cause a denial of service (thread and system hang) via unspecified &...
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.1
Bea Weblogic Server 9.0
NA
CVE-2002-1030
Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote malicious users to cause a denial of service (crash) via a flood of data and connections.
Bea Weblogic Server 5.1
Bea Weblogic Server 6.0
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
NA
CVE-2007-4617
Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP4 allows remote malicious users to cause a denial of service (server thread hang) via unspecified vectors.
Bea Weblogic Server 6.0
Bea Weblogic Server 7.0
Bea Weblogic Server 6.1
Bea Weblogic Server 8.1
NA
CVE-2008-0902
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 up to and including 10.0 MP1 allow remote malicious users to inject arbitrary web script or HTML via unspecified samples. NOTE: this might be the same issue as CVE-2007-2694.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 10.0
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Systems Weblogic Server 10.0 Mp1
NA
CVE-2008-0901
BEA WebLogic Server and Express 7.0 up to and including 10.0 allows remote malicious users to conduct brute force password guessing attacks, even when account lockout has been activated, via crafted URLs that indicate whether a guessed password is successful or not.
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.2
Bea Weblogic Server 10.0
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Systems Weblogic Server 10.0 Mp1
NA
CVE-2004-0713
The remove method in a stateful Enterprise JavaBean (EJB) in BEA WebLogic Server and WebLogic Express version 8.1 through SP2, 7.0 through SP4, and 6.1 through SP6, does not properly check EJB permissions before unexporting a bean, which allows remote authenticated users to remov...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
NA
CVE-2004-0652
BEA WebLogic Server and WebLogic Express 7.0 up to and including 7.0 Service Pack 4, and 8.1 up to and including 8.1 Service Pack 2, allows malicious users to obtain the username and password for booting the server by directly accessing certain internal methods.
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »