CVSS: 9.1EPSS: 0%CPEs: 5EXPL: 0CVE-2009-1003
https://notcve.org/view.php?id=CVE-2009-1003
15 Apr 2009 — Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote attackers to affect integrity via unknown vectors related to "access to source code of web pages." Vulnerabilidad no especificada en el componente WebLogic Server de BEA Product Suite v10.3, v10.0 MP1, v9.2 MP3, v9.1 y v9.0; permite a atacantes remotos comprometer la integridad a través de vectores desconocidos. • http://osvdb.org/53762 •
CVSS: 10.0EPSS: 7%CPEs: 7EXPL: 0CVE-2009-1012
https://notcve.org/view.php?id=CVE-2009-1012
15 Apr 2009 — Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, whic... • http://osvdb.org/53765 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2009-1005
https://notcve.org/view.php?id=CVE-2009-1005
15 Apr 2009 — Unspecified vulnerability in the Oracle Data Service Integrator (AquaLogic Data Services Platform) component in BEA Product Suite 10.3.0, 3.2, 3.0.1, and 3.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Oracle Data Service Integrator (AquaLogic Data Services Platform) en BEA Product Suite v10.3.0, v3.2, v3.0.1, and v3.0 que permite a los usuario locales afectar a la confidencialidad, integridad y disponibilidad... • http://osvdb.org/53760 •
CVSS: 9.3EPSS: 1%CPEs: 7EXPL: 0CVE-2008-5461
https://notcve.org/view.php?id=CVE-2008-5461
14 Jan 2009 — Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0, and SP7 allows remote attackers to affect confidentiality, integrity, and availability, related to WLS. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is cross-site scripting. Una vulnerabilidad no especificada en el componente WebLogic Server de Product Suite de BEA versiones 10.3, 10.0... • http://jvn.jp/en/jp/JVN93431860/index.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2008-5460
https://notcve.org/view.php?id=CVE-2008-5460
14 Jan 2009 — Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote attackers to affect confidentiality via unknown vectors. Vulnerabilidad no especificada en el componente WebLogic Server en BEA Product Suite 10.3, 10.0, MP1, 9.2, MP3, 9.1 y 9.0 permite a atacantes remotos afectar a la confidencialidad mediante vectores desconocidos • http://secunia.com/advisories/33526 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2008-5462
https://notcve.org/view.php?id=CVE-2008-5462
14 Jan 2009 — Unspecified vulnerability in the WebLogic Portal component in BEA Product Suite 10.3, 10.2, 10.0 MP1, 9.2 MP3, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente WebLogic Portal component en BEA Product Suite 10.3, 10.2, 10.0, MP1, 9.2, MP3, 8.1, y SP6 que permite atacantes remotos y afecta a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 83%CPEs: 7EXPL: 4CVE-2008-5457 – BEA WebLogic JSESSIONID Cookie Value Overflow
https://notcve.org/view.php?id=CVE-2008-5457
14 Jan 2009 — Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Oracle BEA WebLogic Server Plugins para Apache, Sun y IIS web servers en BEA Product Suite 10.3, 10.0, MP1, 9.2, MP3, 9.1, 9.0, 8.1, SP6, 7.0 y SP7 permite a atacantes remot... • https://packetstorm.news/files/id/76269 •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2008-4011
https://notcve.org/view.php?id=CVE-2008-4011
14 Oct 2008 — Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote authenticated users to affect integrity via unknown vectors. Una vulnerabilidad no especificada en el componente WebLogic Server de BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1 y 9.0 permite afectar la integridad del producto a usuarios remotos autenticados a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2008-4010
https://notcve.org/view.php?id=CVE-2008-4010
14 Oct 2008 — Unspecified vulnerability in the WebLogic Workshop component in BEA Product Suite 10.3, 10.2, 10.0 MP1, 9.2 MP3, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to "some NetUI tags." Una vulnerabilidad no especificada en el componente WebLogic Workshop en BEA Product Suite versiones 10.3, 10.2, 10.0 MP1, 9.2 MP3 y 8.1 SP6, permite a los atacantes remotos afectar a la confidencialidad, integridad y disponibilidad por medio de desconocidos... • http://secunia.com/advisories/32302 •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2008-4013
https://notcve.org/view.php?id=CVE-2008-4013
14 Oct 2008 — Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente WebLogic Server de BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0 y 8.1 SP6 permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad mediante vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuoct2008-100299.html •