Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2007-6197
The Plumtree portal in BEA AquaLogic Interaction 5.0.2 up to and including 5.0.4 and 6.0.1.218452 allows remote malicious users to obtain version numbers and internal hostnames by reading comments in the HTML source of any page.
Bea Aqualogic Interaction 5.0.2
Bea Aqualogic Interaction 6.0.1.218452
Bea Aqualogic Interaction 5.0.3
Bea Aqualogic Interaction 5.0.4
5
CVSSv2
CVE-2007-6198
portal/server.pt in the Plumtree portal in BEA AquaLogic Interaction 5.0.2 up to and including 5.0.4 and 6.0.1.218452 allows wildcards in advanced searches for usernames, which allows remote malicious users to enumerate valid usernames via the in_tx_fulltext parameter.
Bea Aqualogic Interaction 5.0.4
Bea Aqualogic Interaction 6.0.1.218452
Bea Aqualogic Interaction 5.0.2
Bea Aqualogic Interaction 5.0.3
1 EDB exploit
2.6
CVSSv2
CVE-2002-1030
Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote malicious users to cause a denial of service (crash) via a flood of data and connections.
Bea Weblogic Server 5.1
Bea Weblogic Server 6.0
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
7.9
CVSSv2
CVE-2008-0897
Unspecified vulnerability in BEA WebLogic Server 9.0 up to and including 10.0 allows remote authenticated users without "receive" permissions to bypass intended access restrictions and receive messages from a standalone JMS Topic or secured Distributed Topic member dest...
Bea Weblogic Server 9.2
Bea Weblogic Server 10.0
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
5.1
CVSSv2
CVE-2007-2697
The embedded LDAP server in BEA WebLogic Express and WebLogic Server 7.0 through SP6, 8.1 through SP5, 9.0, and 9.1, when in certain configurations, does not limit or audit failed authentication attempts, which allows remote malicious users to more easily conduct brute-force atta...
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
5.5
CVSSv2
CVE-2004-2696
BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, when using Remote Method Invocation (RMI) over Internet Inter-ORB Protocol (IIOP), does not properly handle when multiple logins for different users coming from the same client, which could cause an "unexpected user...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 8.1
7.5
CVSSv2
CVE-2003-0151
BEA WebLogic Server and Express 6.0 up to and including 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote malicious users to read arbitrary files or execute arbitrary code.
Bea Weblogic Server 6.0
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 7.0
6.8
CVSSv2
CVE-2007-4613
SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP5 might allow remote malicious users to obtain plaintext from an SSL stream via a man-in-the-middle attack that injects crafted data and measures the elapsed time before an err...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 6.0
7.8
CVSSv2
CVE-2007-4617
Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP4 allows remote malicious users to cause a denial of service (server thread hang) via unspecified vectors.
Bea Weblogic Server 6.0
Bea Weblogic Server 7.0
Bea Weblogic Server 6.1
Bea Weblogic Server 8.1
5
CVSSv2
CVE-2007-0410
Unspecified vulnerability in the thread management in BEA WebLogic 7.0 up to and including 7.0 SP6, 8.1 up to and including 8.1 SP5, 9.0, and 9.1, when T3 authentication is used, allows remote malicious users to cause a denial of service (thread and system hang) via unspecified &...
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.1
Bea Weblogic Server 9.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »