Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea systems vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-2375
Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10.3.2, and 10.3.3 allows remote malicious users to affect confidentiality and inte...
Oracle Weblogic Server 10.3.2.0.0
Bea Weblogic Server 9.2
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Systems Weblogic Server 10.0
Oracle Weblogic Server 10.3.3.0.0
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
1 EDB exploit
NA
CVE-2008-0864
Admin Tools in BEA WebLogic Portal 8.1 SP3 through SP6 can inadvertently remove entitlements for pages when an administrator edits the page definition label, which might allow remote malicious users to bypass intended access restrictions.
Bea Systems Weblogic Portal 8.1 Sp6
Oracle Weblogic Portal 8.1
NA
CVE-2008-0868
Cross-site scripting (XSS) vulnerability in Groupspace in BEA WebLogic Portal 10.0 and 9.2 through Maintenance Pack 1 allows remote authenticated users to inject arbitrary web script or HTML via unknown vectors.
Oracle Weblogic Portal 9.2
Bea Systems Weblogic Portal 10.0
NA
CVE-2008-0865
Unspecified vulnerability in BEA WebLogic Portal 8.1 through SP6 allows remote malicious users to bypass entitlements for instances of a floatable WLP portlet via unknown vectors.
Oracle Weblogic Portal 8.1
Bea Systems Weblogic Portal 8.1 Sp6
NA
CVE-2000-0500
The default configuration of BEA WebLogic 5.1.0 allows a remote malicious user to view source code of programs by requesting a URL beginning with /file/, which causes the default servlet to display the file without further processing.
Bea Weblogic Server 5.1
Bea Weblogic Server 4.0
Bea Weblogic Server 3.1.8
Bea Weblogic Server 4.5
1 EDB exploit
NA
CVE-2001-0098
Buffer overflow in Bea WebLogic Server prior to 5.1.0 allows remote malicious users to execute arbitrary commands via a long URL that begins with a ".." string.
Bea Weblogic Server
1 EDB exploit
NA
CVE-2002-0106
BEA Systems Weblogic Server 6.1 allows remote malicious users to cause a denial of service via a series of requests to .JSP files that contain an MS-DOS device name.
Bea Weblogic Server 6.1
1 EDB exploit
NA
CVE-2000-1238
BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote malicious users to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages.
Bea Weblogic Server 5.1
NA
CVE-2005-2092
BEA Systems WebLogic 8.1 SP1 allows remote malicious users to poison the web cache, bypass web application firewall protection, and conduct XSS attacks via an HTTP request with both a "Transfer-Encoding: chunked" header and a Content-Length header, which causes WebLogic...
Bea Weblogic Server 8.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2