Vulmon
Tổng quan CVE-2022-21445 (điểm CVSS 9,8), lỗ hổng là sự giải mã dữ liệu không đáng tin, được xác định tồn tại trong ADF Faces component, có thể bị tin tặc khai thác từ xa mà không cần xác thực (pre-authentication) để thực hiện RCE Lỗ hổng trên được
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP, T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
oracle weblogic server 12.2.1.3.0 |
||
oracle weblogic server 12.2.1.4.0 |
||
oracle weblogic server 14.1.1.0.0 |
CISA warns of actively exploited Apache HugeGraph-Server bug By Bill Toulas September 19, 2024 06:53 PM 0 The U.S. Cybersecurity and Infrastructure Agency (CISA) has added five flaws to its Known Exploited Vulnerabilities (KEV) catalog, among which is a remote code execution (RCE) flaw impacting Apache HugeGraph-Server. The flaw, tracked as CVE-2024-27348 and rated critical (CVSS v3.1 score: 9.8), is an improper access control vulnerability that impacts HugeGraph-Server versions from 1.0.0 and u...