CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2012-0085
https://notcve.org/view.php?id=CVE-2012-0085
18 Jan 2012 — Unspecified vulnerability in the Oracle WebCenter Content component in Oracle Fusion Middleware 7.5.2 and 10.1.3.5.1 allows remote attackers to affect integrity via unknown vectors related to Content Server. Vulnerabilidad no especificada en el Componente Oracle WebCenter Content en Oracle Fusion Middleware v7.5.2 y v10.1.3.5.1 permite a atacantes remotos afectar a la integridad de la información a través de vectores desconocidos relacionados con el servidor de contenidos. • http://www.oracle.com/technetwork/topics/security/cpujan2012-366304.html •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2011-2255
https://notcve.org/view.php?id=CVE-2011-2255
18 Oct 2011 — Unspecified vulnerability in the Oracle WebLogic Portal component in Oracle Fusion Middleware 9.2.3.0, 10.0.1.0, 10.2.1.0, and 10.3.2.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. Vulnerabilidad no especificada en el componente de Oracle WebLogic Portal en Oracle Fusion Middleware v9.2.3.0, v10.0.1.0, v10.2.1.0 y v10.3.2.0, permite a atacantes remotos afectar a la confidencialidad, integridad y disponibilidad a través de vectores desconocidos. • http://secunia.com/advisories/46519 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2011-2318
https://notcve.org/view.php?id=CVE-2011-2318
18 Oct 2011 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4.0, 10.0.2.0, 10.3.3.0, 10.3.4.0, and 10.3.5.0 allows local users to affect confidentiality, related to WLS Security. Vulnerabilidad no especificada en el componente Oracle WebLogic Server en Oracle Fusion Middleware v9.2.4.0, v10.0.2.0, v10.3.3.0, v10.3.4.0, y v10.3.5.0 permite a usuarios locales afectar a la confidencialidad, relacionado con WLS Security. • http://osvdb.org/76494 •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2011-2319
https://notcve.org/view.php?id=CVE-2011-2319
18 Oct 2011 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4.0, 10.0.2.0, 10.3.3.0, 10.3.4.0, and 10.3.5.0 allows remote attackers to affect confidentiality, related to JMS. Vulnerabilidad no especificada en el componente Oracle WebLogic Server de Oracle Fusion Middleware v9.2.4.0, v10.0.2.0, v10.3.3.0, v10.3.4.0 y v10.3.5.0 permite a atacantes remotos comprometer la confidencialidad. Relacionado con JMS. • http://osvdb.org/76493 •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2011-2320
https://notcve.org/view.php?id=CVE-2011-2320
18 Oct 2011 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.2.4.0, 10.0.2.0, 10.3.3.0, 10.3.4.0, and 10.3.5.0 allows remote attackers to affect confidentiality via unknown vectors related to Web Services. Vulnerabilidad no especificada en el componente Oracle WebLogic Server de Oracle Fusion Middleware v9.2.4.0, v10.0.2.0, v10.3.3.0, v10.3.4.0 y v10.3.5.0 permite a atacantes remotos comprometer la confidencialidad a través de vectores desconocidos relacionados con Web Ser... • http://osvdb.org/76492 •
CVSS: 8.2EPSS: 48%CPEs: 6EXPL: 1CVE-2010-4437 – Oracle WebLogic - POST Session Fixation
https://notcve.org/view.php?id=CVE-2010-4437
19 Jan 2011 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Servlet Container. Vulnerabilidad no especificada en el componente Oracle WebLogic Server para Oracle Fusion Middleware v9.0, v9.1, v9.2.4, v10.0.2, v10.3.2, y v10.3.3 permite a atacantes remotos afectar a la confidencialidad y la integridad a través de vectores desconocidos rel... • https://www.exploit-db.com/exploits/16959 •
CVSS: 5.3EPSS: 0%CPEs: 16EXPL: 0CVE-2010-4453
https://notcve.org/view.php?id=CVE-2010-4453
19 Jan 2011 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 7.0.7, 8.1.6, 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect integrity via unknown vectors related to Servlet Container. Vulnerabilidad no especificada en el componente Oracle WebLogic Server para Oracle Fusion Middleware v7.0.7, v8.1.6, v9.0, v9.1, v9.2.4, v10.0.2, v10.3.2, y v10.3.3 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados Se... • http://osvdb.org/70584 •
CVSS: 10.0EPSS: 4%CPEs: 6EXPL: 0CVE-2010-3510
https://notcve.org/view.php?id=CVE-2010-3510
19 Jan 2011 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9.1, 9.2.3, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Node Manager. Vulnerabilidad sin especificar en el componente Oracle WebLogic Server de Oracle Fusion Middleware 9.0, 9.1, 9.2.3, 10.0.2, 10.3.2, y 10.3.3. Permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores de... • http://secunia.com/advisories/42975 •
CVSS: 4.3EPSS: 16%CPEs: 3EXPL: 1CVE-2010-2370 – Oracle Business Process Management 10.3.2 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2010-2370
13 Jul 2010 — Unspecified vulnerability in the Oracle Business Process Management component in Oracle Fusion Middleware 5.7 MP3, 6.0 MP5, and 10.3 MP2 allows remote attackers to affect integrity, related to BPM. Vulnerabilidad no especificada en el componente Oracle Business Process Management de Oracle Fusion Middleware v5.7 MP3, v6.0 MP5, y v10.3 MP2, permite a atacantes remotos afectar la integridad, relacionado con BPM. • https://www.exploit-db.com/exploits/34310 •
CVSS: 7.5EPSS: 1%CPEs: 14EXPL: 8CVE-2010-1622 – Spring Framework - Arbitrary code Execution
https://notcve.org/view.php?id=CVE-2010-1622
21 Jun 2010 — SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file. SpringSource Spring Framework v2.5.x anteriores a v2.5.6.SEC02, v2.5.7 anteriores a v2.5.7.SR01, y v3.0.x anteriores a v3.0.3 permite a atacantes remotos ejecutar código arbitrario a través de una petición HTTP que contenga class.classLoader.URLs[0]=jar:... • https://www.exploit-db.com/exploits/13918 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •