Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server 7.0 vulnerabilities and exploits
(subscribe to this query)
605
VMScore
CVE-2007-4613
SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP5 might allow remote malicious users to obtain plaintext from an SSL stream via a man-in-the-middle attack that injects crafted data and measures the elapsed time before an err...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 6.0
694
VMScore
CVE-2007-4617
Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP4 allows remote malicious users to cause a denial of service (server thread hang) via unspecified vectors.
Bea Weblogic Server 6.0
Bea Weblogic Server 7.0
Bea Weblogic Server 6.1
Bea Weblogic Server 8.1
516
VMScore
CVE-2004-2320
The default configuration of BEA WebLogic Server and Express 8.1 SP2 and previous versions, 7.0 SP4 and previous versions, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote malicious users to steal information using cross-site tracin...
Bea Weblogic Server 5.1
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
445
VMScore
CVE-2003-1223
The Node Manager for BEA WebLogic Express and Server 6.1 up to and including 8.1 SP 1 allows remote malicious users to cause a denial of service (Node Manager crash) via malformed data to the Node Manager's port, as demonstrated by nmap.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
454
VMScore
CVE-2007-2697
The embedded LDAP server in BEA WebLogic Express and WebLogic Server 7.0 through SP6, 8.1 through SP5, 9.0, and 9.1, when in certain configurations, does not limit or audit failed authentication attempts, which allows remote malicious users to more easily conduct brute-force atta...
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
445
VMScore
CVE-2007-0410
Unspecified vulnerability in the thread management in BEA WebLogic 7.0 up to and including 7.0 SP6, 8.1 up to and including 8.1 SP5, 9.0, and 9.1, when T3 authentication is used, allows remote malicious users to cause a denial of service (thread and system hang) via unspecified &...
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.1
Bea Weblogic Server 9.0
632
VMScore
CVE-2008-0901
BEA WebLogic Server and Express 7.0 up to and including 10.0 allows remote malicious users to conduct brute force password guessing attacks, even when account lockout has been activated, via crafted URLs that indicate whether a guessed password is successful or not.
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.2
Bea Weblogic Server 10.0
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Systems Weblogic Server 10.0 Mp1
383
VMScore
CVE-2008-0902
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 up to and including 10.0 MP1 allow remote malicious users to inject arbitrary web script or HTML via unspecified samples. NOTE: this might be the same issue as CVE-2007-2694.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 10.0
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Systems Weblogic Server 10.0 Mp1
445
VMScore
CVE-2005-4704
Unspecified vulnerability in BEA WebLogic Server and WebLogic Express 8.1 through SP3, 7.0 through SP6, and 6.1 through SP7, when SSL is intended to be used, causes an unencrypted protocol to be used in certain unspecified circumstances, which causes user credentials to be sent a...
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 6.1
231
VMScore
CVE-2002-2177
BEA WebLogic Server and Express 6.1 up to and including 7.0.0.1 buffers HTTP requests in a way that can cause BEA to send the same response for two different HTTP requests, which could allow remote malicious users to obtain sensitive information that was intended for other users.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »