Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2007-0410
Unspecified vulnerability in the thread management in BEA WebLogic 7.0 up to and including 7.0 SP6, 8.1 up to and including 8.1 SP5, 9.0, and 9.1, when T3 authentication is used, allows remote malicious users to cause a denial of service (thread and system hang) via unspecified &...
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.1
Bea Weblogic Server 9.0
490
VMScore
CVE-2004-2696
BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, when using Remote Method Invocation (RMI) over Internet Inter-ORB Protocol (IIOP), does not properly handle when multiple logins for different users coming from the same client, which could cause an "unexpected user...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 7.0.0.1
Bea Weblogic Server 8.1
505
VMScore
CVE-2000-0500
The default configuration of BEA WebLogic 5.1.0 allows a remote malicious user to view source code of programs by requesting a URL beginning with /file/, which causes the default servlet to display the file without further processing.
Bea Weblogic Server 5.1
Bea Weblogic Server 4.0
Bea Weblogic Server 3.1.8
Bea Weblogic Server 4.5
1 EDB exploit
605
VMScore
CVE-2005-4751
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and WebLogic Express 9.0, 8.1 SP4 and previous versions, 7.0 SP6 and previous versions, and 6.1 SP7 and previous versions allow remote malicious users to inject arbitrary web script or HTML and gain admini...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.0
605
VMScore
CVE-2007-4613
SSL libraries in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP5 might allow remote malicious users to obtain plaintext from an SSL stream via a man-in-the-middle attack that injects crafted data and measures the elapsed time before an err...
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 6.0
694
VMScore
CVE-2007-4617
Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP4 allows remote malicious users to cause a denial of service (server thread hang) via unspecified vectors.
Bea Weblogic Server 6.0
Bea Weblogic Server 7.0
Bea Weblogic Server 6.1
Bea Weblogic Server 8.1
703
VMScore
CVE-2008-0897
Unspecified vulnerability in BEA WebLogic Server 9.0 up to and including 10.0 allows remote authenticated users without "receive" permissions to bypass intended access restrictions and receive messages from a standalone JMS Topic or secured Distributed Topic member dest...
Bea Weblogic Server 9.2
Bea Weblogic Server 10.0
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
516
VMScore
CVE-2008-0898
The distributed queue feature in JMS in BEA WebLogic Server 9.0 up to and including 10.0, in certain configurations, does not properly handle when a client cannot send a message to a member of a distributed queue, which allows remote authenticated users to bypass intended access ...
Bea Weblogic Server 10.0
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server 9.2
383
VMScore
CVE-2008-0899
Cross-site scripting (XSS) vulnerability in the Administration Console in BEA WebLogic Server and Express 9.0 up to and including 10.0 allows remote malicious users to inject arbitrary web script or HTML via URLs that are not properly handled by the Unexpected Exception Page.
Bea Weblogic Server 9.2
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server 10.0
516
VMScore
CVE-2004-2320
The default configuration of BEA WebLogic Server and Express 8.1 SP2 and previous versions, 7.0 SP4 and previous versions, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote malicious users to steal information using cross-site tracin...
Bea Weblogic Server 5.1
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
HTML injection
CVE-2024-35894
SQL
CVE-2024-5105
CVE-2014-100005
CVE-2024-35895
unauthorized
CVE-2024-22120
CVE-2024-35890
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »