Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server 8.1 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2005-1745
The UserLogin control in BEA WebLogic Portal 8.1 through Service Pack 3 prints the password to standard output when an incorrect login attempt is made, which could make it easier for malicious users to guess the correct password.
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 6.1
Bea Weblogic Server 6.0
Oracle Weblogic Portal 8.0
6.8
CVSSv2
CVE-2005-1747
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 6, allow remote malicious users to inject arbitrary web script or HTML, and possibly gain administrative privileges, via the (1) j_usern...
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 6.1
Bea Weblogic Server 6.0
Oracle Weblogic Portal 8.0
5
CVSSv2
CVE-2005-1748
The embedded LDAP server in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 5, allows remote anonymous binds, which may allow remote malicious users to view user entries or cause a denial of service.
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 6.1
Bea Weblogic Server 6.0
Oracle Weblogic Portal 8.0
5
CVSSv2
CVE-2005-1746
The cluster cookie parsing code in BEA WebLogic Server 7.0 through Service Pack 5 attempts to contact any host or port specified in a cookie, even when it is not in the cluster, which allows remote malicious users to cause a denial of service (cluster slowdown) via modified cooki...
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 6.1
Bea Weblogic Server 6.0
Oracle Weblogic Portal 8.0
5
CVSSv2
CVE-2005-1749
Buffer overflow in BEA WebLogic Server and WebLogic Express 6.1 Service Pack 4 allows remote malicious users to cause a denial of service (CPU consumption from thread looping).
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 6.1
Bea Weblogic Server 6.0
Oracle Weblogic Portal 8.0
7.5
CVSSv2
CVE-2007-0425
Unspecified vulnerability in BEA WebLogic Platform and Server 8.1 up to and including 8.1 SP5, and JRockit 1.4.2 R4.5 and previous versions, allows malicious users to gain privileges via unspecified vectors, related to an "overflow condition," probably a buffer overflow...
Bea Weblogic Server
Bea Weblogic Server 8.1
Bea Jrockit
7.5
CVSSv2
CVE-2007-0408
BEA Weblogic Server 8.1 up to and including 8.1 SP4 does not properly validate client certificates when reusing cached connections, which allows remote malicious users to obtain access via an untrusted X.509 certificate.
Bea Weblogic Server 8.1
Bea Weblogic Server
1 Github repository
5
CVSSv2
CVE-2007-0415
BEA WebLogic Server 8.1 up to and including 8.1 SP5 does not properly enforce access control after a dynamic update and dynamic redeployment of an application that is implemented through exploded jars, which allows malicious users to bypass intended access restrictions.
Bea Weblogic Server
Bea Weblogic Server 8.1
4.4
CVSSv2
CVE-2007-0413
BEA WebLogic Server 8.1 up to and including 8.1 SP5 stores cleartext data in a backup of config.xml after offline editing, which allows local users to obtain sensitive information by reading this backup file.
Bea Weblogic Server
Bea Weblogic Server 8.1
6.4
CVSSv2
CVE-2010-2375
Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote malicious users to affect confidentiality and inte...
Bea Weblogic Server 7.0
Bea Weblogic Server 9.0
Bea Systems Weblogic Server 10.0
Bea Weblogic Server 9.1
Bea Weblogic Server 8.1
Bea Weblogic Server 9.2
Oracle Weblogic Server 10.3.2.0.0
Oracle Weblogic Server 10.3.3.0.0
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
TCP
CVE-2024-4577
CVE-2024-2695
CVE-2024-31870
injection
CVE-2024-3813
arbitrary code
CVE-2024-27801
CVE-2024-30120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »