Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server 7.0 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2005-4753
BEA WebLogic Server and WebLogic Express 8.1 SP4 and previous versions, and 7.0 SP6 and previous versions, in certain "heavy usage" scenarios, report incorrect severity levels for an audit event, which might allow malicious users to perform unauthorized actions and avoi...
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
445
VMScore
CVE-2005-4759
BEA WebLogic Server and WebLogic Express 8.1 and 7.0, during a migration across operating system platforms, do not warn the administrative user about platform differences in URLResource case sensitivity, which might cause local users to inadvertently lose protection of Web Applic...
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
445
VMScore
CVE-2005-1742
BEA WebLogic Server and WebLogic Express 8.1 SP2 and SP3 allows users with the Monitor security role to "shrink or reset JDBC connection pools."
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 6.1
Bea Weblogic Server 6.0
Oracle Weblogic Portal 8.0
445
VMScore
CVE-2005-1748
The embedded LDAP server in BEA WebLogic Server and Express 8.1 through Service Pack 4, and 7.0 through Service Pack 5, allows remote anonymous binds, which may allow remote malicious users to view user entries or cause a denial of service.
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 6.1
Bea Weblogic Server 6.0
Oracle Weblogic Portal 8.0
445
VMScore
CVE-2005-1746
The cluster cookie parsing code in BEA WebLogic Server 7.0 through Service Pack 5 attempts to contact any host or port specified in a cookie, even when it is not in the cluster, which allows remote malicious users to cause a denial of service (cluster slowdown) via modified cooki...
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 6.1
Bea Weblogic Server 6.0
Oracle Weblogic Portal 8.0
445
VMScore
CVE-2005-1749
Buffer overflow in BEA WebLogic Server and WebLogic Express 6.1 Service Pack 4 allows remote malicious users to cause a denial of service (CPU consumption from thread looping).
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 6.1
Bea Weblogic Server 6.0
Oracle Weblogic Portal 8.0
445
VMScore
CVE-2005-0432
BEA WebLogic Server 7.0 Service Pack 5 and previous versions, and 8.1 Service Pack 3 and previous versions, generates different login exceptions that suggest why an authentication attempt fails, which makes it easier for remote malicious users to guess passwords via brute force a...
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
445
VMScore
CVE-2004-1756
BEA WebLogic Server and WebLogic Express 8.1 SP2 and previous versions, and 7.0 SP4 and previous versions, when using 2-way SSL with a custom trust manager, may accept a certificate chain even if the trust manager rejects it, which allows remote malicious users to spoof other use...
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
445
VMScore
CVE-2003-1290
BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, with RMI and anonymous admin lookup enabled, allows remote malicious users to obtain configuration information by accessing MBeanHome via the Java Naming and Directory Interface (JNDI).
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 6.1
Bea Weblogic Server 6.0
445
VMScore
CVE-2003-1221
BEA WebLogic Express and Server 7.0 up to and including 8.1 SP 1, under certain circumstances when a request to use T3 over SSL (t3s) is made to the insecure T3 port, may use a non-SSL connection for the communication, which could allow malicious users to sniff sessions.
Bea Weblogic Server 8.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
malicious code
XML injection
CVE-2024-28020
CVE-2024-35252
CVE-2024-5833
CVE-2024-30066
injection
CVE-2024-23282
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »