Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle weblogic server 14.1.1.0.0 vulnerabilities and exploits
(subscribe to this query)
5
CVSSv3
CVE-2020-2934
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to...
Oracle Mysql Connector\\/j
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
7.5
CVSSv3
CVE-2020-7226
CiphertextHeader.java in Cryptacular 1.2.3, as used in Apereo CAS and other products, allows malicious users to trigger excessive memory allocation during a decode operation, because the nonce array length associated with "new byte" may depend on untrusted input within ...
Vt Cryptacular
Oracle Webcenter Sites 12.2.1.3.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Webcenter Sites 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Communications Services Gatekeeper 7.0
5.5
CVSSv3
CVE-2019-12400
In version 2.0.3 Apache Santuario XML Security for Java, a caching mechanism was introduced to speed up creating new XML documents using a static pool of DocumentBuilders. However, if some untrusted code can register a malicious implementation with the thread context class loader...
Apache Santuario Xml Security For Java
Redhat Jboss Enterprise Application Platform 7.2
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
5 Github repositories
5.3
CVSSv3
CVE-2021-28170
In the Jakarta Expression Language implementation 3.0.3 and previous versions, a bug in the ELParserTokenManager enables invalid EL expressions to be evaluated as if they were valid.
Eclipse Jakarta Expression Language
Quarkus Quarkus
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Weblogic Server 14.1.1.0.0
9.8
CVSSv3
CVE-2021-23450
All versions of package dojo are vulnerable to Prototype Pollution via the setObject function.
Linuxfoundation Dojo
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Weblogic Server 14.1.1.0.0
Oracle Primavera Unifier 20.12
Oracle Primavera Unifier 21.12
Oracle Communications Policy Management 12.6.0.0.0
Debian Debian Linux 10.0
5.9
CVSSv3
CVE-2021-27568
An issue exists in netplex json-smart-v1 through 2015-10-23 and json-smart-v2 up to and including 2.4. An exception is thrown from a function, but it is not caught, as demonstrated by NumberFormatException. When it is not caught, it may cause programs using the library to crash o...
Json-smart Project Json-smart-v1
Json-smart Project Json-smart-v2
Oracle Weblogic Server 12.2.1.3.0
Oracle Utilities Framework 4.4.0.0.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Weblogic Server 14.1.1.0.0
Oracle Utilities Framework 4.4.0.2.0
Oracle Peoplesoft Enterprise Peopletools 8.59
Oracle Utilities Framework 4.4.0.3.0
Oracle Communications Cloud Native Core Policy 1.14.0
Oracle Oss Support Tools
2 Github repositories
7.7
CVSSv3
CVE-2020-5258
In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes t...
Linuxfoundation Dojo
Debian Debian Linux 8.0
Oracle Webcenter Sites 12.2.1.3.0
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier
Oracle Communications Policy Management 12.5.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Primavera Unifier 19.12
Oracle Webcenter Sites 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Mysql
Oracle Primavera Unifier 20.12
Oracle Communications Pricing Design Center 12.0.0.3.0
Oracle Documaker
Oracle Communications Application Session Controller 3.9.0
9.8
CVSSv3
CVE-2019-17571
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j...
Apache Log4j
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 18.04
Opensuse Leap 15.1
Netapp Oncommand Workflow Automation -
Netapp Oncommand System Manager
Oracle Retail Service Backbone 14.1
Oracle Weblogic Server 12.1.3.0.0
Oracle Retail Service Backbone 15.0
Oracle Weblogic Server 10.3.6.0.0
Oracle Weblogic Server 12.2.1.3.0
Oracle Application Testing Suite 13.3.0.1
Oracle Endeca Information Discovery Studio 3.2.0
Oracle Weblogic Server 12.2.1.4.0
Oracle Weblogic Server 14.1.1.0.0
Oracle Rapid Planning 12.1
Oracle Rapid Planning 12.2
Oracle Financial Services Lending And Leasing
Oracle Financial Services Lending And Leasing 12.5.0
Oracle Communications Network Integrity
18 Github repositories
1 Article
5.3
CVSSv3
CVE-2020-10693
A flaw was found in Hibernate Validator version 6.1.2.Final. A bug in the message interpolation processor enables invalid EL expressions to be evaluated as if they were valid. This flaw allows malicious users to bypass input sanitation (escaping, stripping) controls that develope...
Redhat Hibernate Validator 7.0.0
Redhat Hibernate Validator
Ibm Websphere Application Server
Redhat Jboss Enterprise Application Platform 7.2.0
Redhat Jboss Enterprise Application Platform 7.3.0
Redhat Satellite Capsule 6.8
Redhat Satellite 6.8
Quarkus Quarkus
Oracle Weblogic Server 14.1.1.0.0
3 Github repositories
9.8
CVSSv3
CVE-2020-14750
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with netw...
Oracle Fusion Middleware 12.1.3.0
Oracle Fusion Middleware 10.3.6.0
Oracle Fusion Middleware 12.2.1.3.0
Oracle Fusion Middleware 12.2.1.4.0
Oracle Fusion Middleware 14.1.1.0.0
7 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »