Recent vulnerabilities and exploits

7.5
CVSSv2
CVE-2018-3191

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access...

Oracle Weblogic Server
7.5
CVSSv2
CVE-2018-3245

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access...

Oracle Weblogic Server
5.8
CVSSv2
CVE-2017-3428

Vulnerability in the Oracle One-to-One Fulfillment component of Oracle E-Business Suite (subcomponent: User Interface). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily exploitable vulnerability allows unauthenticated...

Oracle One-to-one Fulfillment
5
CVSSv2
CVE-2014-4210

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect confidentiality via vectors related to WLS - Web Services....

Oracle Fusion Middleware
7.5
CVSSv2
CVE-2016-0638

Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.3.6, 12.1.2, 12.1.3, and 12.2.1 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Java Messaging Service....

Oracle Weblogic Server
5.5
CVSSv2
CVE-2019-2618

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows high privileged attacker with network...

Oracle Weblogic Server
NA
CVE-2019-18890

Holger Just discovered an SQL injection in Redmine, a project management web application. In addition, a cross-site scripting issue was found in Textile formatting. For the oldstable distribution (stretch), these problems have been fixed in version 3.3.1-4+deb9u3. We recommend...

4.3
CVSSv2
CVE-2019-17427

In Redmine before 3.4.11 and 4.0.x before 4.0.4, persistent XSS exists due to textile formatting errors....

NA
CVE-2014-5118

A Security Bypass Vulnerability exists in TBOOT before 1.8.2 in the boot loader module when measuring commandline parameters....

NA
CVE-2019-12422

Apache Shiro before 1.4.2, when using the default "remember me" configuration, cookies could be susceptible to a padding attack....