CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2011-0798
https://notcve.org/view.php?id=CVE-2011-0798
20 Apr 2011 — Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 and 11.1.1.2.0 allows remote attackers to affect integrity via unknown vectors related to Midtier Infrastructure. Vulnerabilidad no especificada en el componente Portal de Oracle Fusion Middleware v10.1.2.3 y v11.1.1.2.0, permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados con Midtier Infrastructure. • http://www.oracle.com/technetwork/topics/security/cpuapr2011-301950.html •
CVSS: 8.2EPSS: 48%CPEs: 6EXPL: 1CVE-2010-4437 – Oracle WebLogic - POST Session Fixation
https://notcve.org/view.php?id=CVE-2010-4437
19 Jan 2011 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Servlet Container. Vulnerabilidad no especificada en el componente Oracle WebLogic Server para Oracle Fusion Middleware v9.0, v9.1, v9.2.4, v10.0.2, v10.3.2, y v10.3.3 permite a atacantes remotos afectar a la confidencialidad y la integridad a través de vectores desconocidos rel... • https://www.exploit-db.com/exploits/16959 •
CVSS: 5.3EPSS: 0%CPEs: 16EXPL: 0CVE-2010-4453
https://notcve.org/view.php?id=CVE-2010-4453
19 Jan 2011 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 7.0.7, 8.1.6, 9.0, 9.1, 9.2.4, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect integrity via unknown vectors related to Servlet Container. Vulnerabilidad no especificada en el componente Oracle WebLogic Server para Oracle Fusion Middleware v7.0.7, v8.1.6, v9.0, v9.1, v9.2.4, v10.0.2, v10.3.2, y v10.3.3 permite a atacantes remotos afectar a la integridad a través de vectores desconocidos relacionados Se... • http://osvdb.org/70584 •
CVSS: 8.1EPSS: 0%CPEs: 3EXPL: 0CVE-2010-3588
https://notcve.org/view.php?id=CVE-2010-3588
19 Jan 2011 — Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 10.1.2.3, 11.1.1.2.0, and 11.1.1.3.0 allows remote authenticated users to affect confidentiality and integrity, related to EUL Code & Schema. Vulnerabilidad no especificada en el componente Oracle Discoverer para Oracle Fusion Middleware v10.1.2.3, v11.1.1.2.0, v11.1.1.3.0 y permite a usuarios autenticados remotamente afectar a la confidencialidad y la integridad, relacionado con EUL Code & Schema. • http://secunia.com/advisories/42994 •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2010-4427
https://notcve.org/view.php?id=CVE-2010-4427
19 Jan 2011 — Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.4.0, 10.1.3.4.1, and 11.1.1.3 allows remote authenticated users to affect integrity via unknown vectors related to Web Server. Vulnerabilidad no especificada en el componente Oracle BI Publisher para Oracle Fusion Middleware v10.1.3.4.0, v10.1.3.4.1 y v11.1.1.3 permite a usuarios autenticados remotamente afectar a la integridad a través de vectores desconocidos relacionados con Web Server. • http://osvdb.org/70561 •
CVSS: 10.0EPSS: 4%CPEs: 6EXPL: 0CVE-2010-3510
https://notcve.org/view.php?id=CVE-2010-3510
19 Jan 2011 — Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9.1, 9.2.3, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Node Manager. Vulnerabilidad sin especificar en el componente Oracle WebLogic Server de Oracle Fusion Middleware 9.0, 9.1, 9.2.3, 10.0.2, 10.3.2, y 10.3.3. Permite a atacantes remotos afectar la confidencialidad, integridad y disponibilidad a través de vectores de... • http://secunia.com/advisories/42975 •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2010-3501
https://notcve.org/view.php?id=CVE-2010-3501
13 Oct 2010 — Unspecified vulnerability in the OID component in Oracle Fusion Middleware 10.1.2.3, 10.1.4.3, and 11.1.1.2.0 allows remote attackers to affect availability via unknown vectors. Vulnerabilidad no especificada en el componente OID en Oracle Fusion Middleware v10.1.2.3, vv10.1.4.3 y v11.1.1.2.0 y permite a atacantes remotos afectar a la disponibilidad a través de vectores desconocidos. • http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html •
CVSS: 7.5EPSS: 2%CPEs: 14EXPL: 8CVE-2010-1622 – Spring Framework - Arbitrary code Execution
https://notcve.org/view.php?id=CVE-2010-1622
21 Jun 2010 — SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.0.3 allows remote attackers to execute arbitrary code via an HTTP request containing class.classLoader.URLs[0]=jar: followed by a URL of a crafted .jar file. SpringSource Spring Framework v2.5.x anteriores a v2.5.6.SEC02, v2.5.7 anteriores a v2.5.7.SR01, y v3.0.x anteriores a v3.0.3 permite a atacantes remotos ejecutar código arbitrario a través de una petición HTTP que contenga class.classLoader.URLs[0]=jar:... • https://www.exploit-db.com/exploits/13918 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-96: Improper Neutralization of Directives in Statically Saved Code ('Static Code Injection') •