Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server vulnerabilities and exploits
(subscribe to this query)
570
VMScore
CVE-2006-0422
Multiple unspecified vulnerabilities in BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allow remote malicious users to access MBean attributes or cause an unspecified denial of service via unknown attack vectors.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
356
VMScore
CVE-2006-0424
BEA WebLogic Server and WebLogic Express 8.1 through SP4, 7.0 through SP6, and 6.1 through SP7 allows remote authenticated guest users to read the server log and obtain sensitive configuration information.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
445
VMScore
CVE-2006-0430
Certain configurations of BEA WebLogic Server and WebLogic Express 9.0, 8.1 through SP5, and 7.0 through SP6, when connection filters are enabled, cause the server to run more slowly, which makes it easier for remote malicious users to cause a denial of service (server slowdown).
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
231
VMScore
CVE-2002-2177
BEA WebLogic Server and Express 6.1 up to and including 7.0.0.1 buffers HTTP requests in a way that can cause BEA to send the same response for two different HTTP requests, which could allow remote malicious users to obtain sensitive information that was intended for other users.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
605
VMScore
CVE-2003-0733
Multiple cross-site scripting (XSS) vulnerabilities in WebLogic Integration 7.0 and 2.0, Liquid Data 1.1, and WebLogic Server and Express 5.1 up to and including 7.0, allow remote malicious users to execute arbitrary web script and steal authentication credentials via (1) a forwa...
Bea Liquid Data 1.1
Bea Weblogic Integration 2.0
Bea Weblogic Integration 7.0
Bea Weblogic Server 5.1
Bea Weblogic Server 7.0
668
VMScore
CVE-2007-0425
Unspecified vulnerability in BEA WebLogic Platform and Server 8.1 up to and including 8.1 SP5, and JRockit 1.4.2 R4.5 and previous versions, allows malicious users to gain privileges via unspecified vectors, related to an "overflow condition," probably a buffer overflow...
Bea Weblogic Server 8.1
Bea Jrockit
Bea Weblogic Server
668
VMScore
CVE-2007-6384
Unspecified vulnerability in the Image Converter functionality in BEA WebLogic Mobility Server 3.3, 3.5, and 3.6 up to and including 3.6 SP1 allows remote malicious users to obtain application file and resource access via unspecified vectors.
Bea Weblogic Mobility Server 3.5
Bea Weblogic Mobility Server 3.6
Bea Weblogic Mobility Server 3.3
668
VMScore
CVE-2007-0408
BEA Weblogic Server 8.1 up to and including 8.1 SP4 does not properly validate client certificates when reusing cached connections, which allows remote malicious users to obtain access via an untrusted X.509 certificate.
Bea Weblogic Server 8.1
Bea Weblogic Server
1 Github repository
435
VMScore
CVE-2003-0624
Cross-site scripting (XSS) vulnerability in InteractiveQuery.jsp for BEA WebLogic 8.1 and previous versions allows remote malicious users to inject malicious web script via the person parameter.
Bea Weblogic Server
Bea Weblogic Server 3.1.8
1 EDB exploit
392
VMScore
CVE-2007-0413
BEA WebLogic Server 8.1 up to and including 8.1 SP5 stores cleartext data in a backup of config.xml after offline editing, which allows local users to obtain sensitive information by reading this backup file.
Bea Weblogic Server 8.1
Bea Weblogic Server
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »