CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2009-1004
https://notcve.org/view.php?id=CVE-2009-1004
15 Apr 2009 — Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality and integrity via unknown vectors. Vulnerabilidad no especificada en el componente WebLogic Server en BEA Product Suite v10.3 permite a atacantes remotos afectar a la confidencialidad e integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2009-1002
https://notcve.org/view.php?id=CVE-2009-1002
15 Apr 2009 — Unspecified vulnerability in Oracle BEA WebLogic Server 10.3, 10.0 Gold through MP1, 9.2 Gold through MP3, 9.1, 9.0, 8.1 Gold through SP6, and 7.0 Gold through SP7 allows remote attackers to gain privileges via unknown vectors. Vulnerabilidad no especificada en el componente WebLogic Server en BEA Product Suite v10.3, v10.0 MP1, v9.2 MP3, v9.1, v9.0, v8.1 SP6, y v7.0 SP7 permite a los atacantes afectar a la confidencialidad e integridad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuapr2009-099563.html •
CVSS: 10.0EPSS: 1%CPEs: 7EXPL: 0CVE-2009-1012
https://notcve.org/view.php?id=CVE-2009-1012
15 Apr 2009 — Unspecified vulnerability in the plug-ins for Apache and IIS web servers in Oracle BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through MP3, 10.0 Gold through MP1, and 10.3 allows remote attackers to affect confidentiality, integrity, and availability. NOTE: the previous information was obtained from the April 2009 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in an unspecified plug-in that parses HTTP requests, whic... • http://osvdb.org/53765 •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2009-1005
https://notcve.org/view.php?id=CVE-2009-1005
15 Apr 2009 — Unspecified vulnerability in the Oracle Data Service Integrator (AquaLogic Data Services Platform) component in BEA Product Suite 10.3.0, 3.2, 3.0.1, and 3.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Oracle Data Service Integrator (AquaLogic Data Services Platform) en BEA Product Suite v10.3.0, v3.2, v3.0.1, and v3.0 que permite a los usuario locales afectar a la confidencialidad, integridad y disponibilidad... • http://osvdb.org/53760 •
CVSS: 9.3EPSS: 1%CPEs: 7EXPL: 0CVE-2008-5461
https://notcve.org/view.php?id=CVE-2008-5461
14 Jan 2009 — Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0, and SP7 allows remote attackers to affect confidentiality, integrity, and availability, related to WLS. NOTE: the previous information was obtained from the January 2009 CPU. Oracle has not commented on reliable researcher claims that this issue is cross-site scripting. Una vulnerabilidad no especificada en el componente WebLogic Server de Product Suite de BEA versiones 10.3, 10.0... • http://jvn.jp/en/jp/JVN93431860/index.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 96%CPEs: 7EXPL: 2CVE-2008-5457 – BEA WebLogic - JSESSIONID Cookie Value Overflow
https://notcve.org/view.php?id=CVE-2008-5457
14 Jan 2009 — Unspecified vulnerability in the Oracle BEA WebLogic Server Plugins for Apache, Sun and IIS web servers component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente Oracle BEA WebLogic Server Plugins para Apache, Sun y IIS web servers en BEA Product Suite 10.3, 10.0, MP1, 9.2, MP3, 9.1, 9.0, 8.1, SP6, 7.0 y SP7 permite a atacantes remot... • https://www.exploit-db.com/exploits/16762 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2008-5460
https://notcve.org/view.php?id=CVE-2008-5460
14 Jan 2009 — Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, and 9.0 allows remote attackers to affect confidentiality via unknown vectors. Vulnerabilidad no especificada en el componente WebLogic Server en BEA Product Suite 10.3, 10.0, MP1, 9.2, MP3, 9.1 y 9.0 permite a atacantes remotos afectar a la confidencialidad mediante vectores desconocidos • http://secunia.com/advisories/33526 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 0%CPEs: 5EXPL: 0CVE-2008-5462
https://notcve.org/view.php?id=CVE-2008-5462
14 Jan 2009 — Unspecified vulnerability in the WebLogic Portal component in BEA Product Suite 10.3, 10.2, 10.0 MP1, 9.2 MP3, and 8.1 SP6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente WebLogic Portal component en BEA Product Suite 10.3, 10.2, 10.0, MP1, 9.2, MP3, 8.1, y SP6 que permite atacantes remotos y afecta a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpujan2009-097901.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0CVE-2008-5459
https://notcve.org/view.php?id=CVE-2008-5459
14 Jan 2009 — Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 10.3 allows remote attackers to affect confidentiality via unknown vectors. Vulnerabilidad no especificada en el componente WebLogic Server en BEA Product Suite 10.3 que permite ataques remotos y afecta a la confidencialidad a través de vectores desconocidos. • http://secunia.com/advisories/33526 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 97%CPEs: 8EXPL: 1CVE-2008-4008 – BEA Weblogic - Transfer-Encoding Buffer Overflow
https://notcve.org/view.php?id=CVE-2008-4008
14 Oct 2008 — Unspecified vulnerability in the WebLogic Server Plugins for Apache component in BEA Product Suite 10.3, 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, 7.0 SP7, and 6.1 SP7 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2008 CPU. Oracle has not commented on reliable researcher claims that this issue is a stack-based buffer overflow in the WebLogic Apache Connector, related to an invalid parameter. Una vu... • https://www.exploit-db.com/exploits/16796 •