Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server 8.1 vulnerabilities and exploits
(subscribe to this query)
890
VMScore
CVE-2007-0417
BEA WebLogic Server 7.0 up to and including 7.0 SP7, 8.1 up to and including 8.1 SP5, 9.0, and 9.1, when using the WebLogic Server 6.1 compatibility realm, allows malicious users to execute certain EJB container persistence operations with an administrative identity.
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server
668
VMScore
CVE-2007-0418
BEA WebLogic Server 7.0 up to and including 7.0 SP6, 8.1 up to and including 8.1 SP5, 9.0, and 9.1 does not enforce a security policy that declares permissions for EJB methods that have array parameters, which allows remote malicious users to obtain unauthorized access to these m...
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server
668
VMScore
CVE-2007-0425
Unspecified vulnerability in BEA WebLogic Platform and Server 8.1 up to and including 8.1 SP5, and JRockit 1.4.2 R4.5 and previous versions, allows malicious users to gain privileges via unspecified vectors, related to an "overflow condition," probably a buffer overflow...
Bea Weblogic Server 8.1
Bea Jrockit
Bea Weblogic Server
445
VMScore
CVE-2006-2546
A recommended admin password reset mechanism for BEA WebLogic Server 8.1, when followed before October 10, 2005, causes the administrator password to be stored in cleartext in the domain directory, which could allow malicious users to gain privileges.
Bea Weblogic Server 8.1
409
VMScore
CVE-2006-2464
stopWebLogic.sh in BEA WebLogic Server 8.1 before Service Pack 4 and 7.0 before Service Pack 6 displays the administrator password to stdout when executed, which allows local users to obtain the password by viewing a local display.
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
231
VMScore
CVE-2006-2466
BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 allows remote malicious users to obtain the source code of JSP pages during certain circumstances related to a "timing window" when a compilation error occurs, aka the "JSP showcode vulnerability."
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
445
VMScore
CVE-2006-2461
BEA WebLogic Server prior to 8.1 Service Pack 4 does not properly set the Quality of Service in certain circumstances, which prevents some transmissions from being encrypted via SSL, and allows remote malicious users to more easily read potentially sensitive network traffic.
Bea Weblogic Server 8.1
445
VMScore
CVE-2006-2462
BEA WebLogic Server 8.1 before Service Pack 4 and 7.0 before Service Pack 6, may send sensitive data over non-secure channels when using JTA transactions, which allows remote malicious users to read potentially sensitive network traffic.
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
356
VMScore
CVE-2006-2467
BEA WebLogic Server 8.1 up to SP4, 7.0 up to SP6, and 6.1 up to SP7 displays the internal IP address of the WebLogic server in the WebLogic Server Administration Console, which allows remote authenticated administrators to determine the address.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
356
VMScore
CVE-2006-2468
The WebLogic Server Administration Console in BEA WebLogic Server 8.1 up to SP4 and 7.0 up to SP6 displays the domain name in the Console login form, which allows remote malicious users to obtain sensitive information.
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »