The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Bea WebLogic Server

SQLite: out-of-bounds memory reading via rtreenode
An attacker can force a read at an invalid address via rtreenode() of SQLite, in order to trigger a denial of service, or to obtain sensitive information...
cpuapr2020, cpujan2020, cpujul2020, cpuoct2020, CVE-2019-8457, DSA-2019-133, FEDORA-2019-02b81266b7, FEDORA-2019-3377813d18, JSA11055, openSUSE-SU-2019:1645-1, RHSA-2020:1810-01, SUSE-SU-2019:14083-1, SUSE-SU-2019:14120-1, SUSE-SU-2019:1522-1, SUSE-SU-2019:1601-1, USN-4004-1, USN-4004-2, USN-4019-1, USN-4019-2, VIGILANCE-VUL-29449
WebLogic, Tuxedo: several vulnerabilities
An attacker can exploit several vulnerabilities of WebLogic Server/Express and Tuxedo...
BEA05-80.02, BEA07-158.00, BEA07-159.00, BEA07-160.00, BEA07-161.00, BEA07-162.00, BEA07-163.00, BEA07-164.00, BEA07-164.01, BEA07-165.00, BEA07-168.00, BEA07-169.00, BEA07-80.03, BEA08-159.01, BEA08-80.04, BID-23979, CVE-2007-2694, CVE-2007-2695, CVE-2007-2696, CVE-2007-2697, CVE-2007-2698, CVE-2007-2699, CVE-2007-2700, CVE-2007-2701, CVE-2007-2704, CVE-2007-2705, CVE-2008-0902, VIGILANCE-VUL-6816
c3p0: denial of service via the XML configuration
An attacker can trigger a fatal error via the processing of the XML configuration of c3p0, in order to trigger a denial of service...
5048, cpuapr2020, cpujul2020, cpuoct2020, CVE-2019-5427, FEDORA-2019-063672154a, FEDORA-2019-cb14e234fc, VIGILANCE-VUL-29428
curl: multiple vulnerabilities
An attacker can use several vulnerabilities of curl...
cpuoct2019, cpuoct2020, CVE-2019-5435, CVE-2019-5436, DLA-1804-1, DSA-2019-117, DSA-2019-201, DSA-4633-1, FEDORA-2019-3f5b6f0f97, FEDORA-2019-697de0501f, openSUSE-SU-2019:1492-1, openSUSE-SU-2019:1508-1, RHSA-2020:1020-01, RHSA-2020:1792-01, RHSA-2020:2505-01, SSA:2019-142-01, SUSE-SU-2019:1357-1, SUSE-SU-2019:1357-2, SUSE-SU-2019:1363-1, SUSE-SU-2019:14064-1, USN-3993-1, USN-3993-2, VIGILANCE-VUL-29382
jackson-databind: file reading
An attacker can read a file from a client using jackson-databind, in order to obtain sensitive information...
5048, cpujan2020, cpujul2019, cpuoct2019, CVE-2019-12086, DLA-1798-1, DSA-4452-1, FEDORA-2019-ae6a703b8f, FEDORA-2019-fb23eccc03, RHSA-2019:2935-01, RHSA-2019:2936-01, RHSA-2019:2937-01, RHSA-2019:2938-01, RHSA-2019:3044-01, RHSA-2019:3045-01, RHSA-2019:3046-01, RHSA-2019:3050-01, VIGILANCE-VUL-29375
Eclipse Jetty: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Eclipse Jetty, in order to run JavaScript code in the context of the web site...
6344071, 6344075, cpuapr2020, cpujan2020, cpujul2020, CVE-2019-10241, CVE-2019-10246, CVE-2019-10247, NTAP-20190509-0003, VIGILANCE-VUL-29106
Oracle Fusion Middleware: vulnerabilities of April 2018
Several vulnerabilities were announced in Oracle products...
cpuapr2018, CVE-2018-2587, CVE-2018-2628, CVE-2018-2739, CVE-2018-2760, CVE-2018-2765, CVE-2018-2770, CVE-2018-2791, CVE-2018-2828, CVE-2018-2834, CVE-2018-2879, VIGILANCE-VUL-25897
jQuery, Symfony: Cross Site Scripting via templates
An attacker can trigger a Cross Site Scripting via templates for Symfony, in order to run JavaScript code in the context of the web site...
bulletinoct2019, CERTFR-2019-AVI-180, cpujan2020, cpuoct2019, CVE-2019-10909, CVE-2019-11358, DLA-1777-1, DLA-1777-2, DLA-1778-1, DLA-1797-1, DLA-2118-1, DRUPAL-SA-CORE-2019-005, DRUPAL-SA-CORE-2019-006, DSA-4434-1, DSA-4441-1, FEDORA-2019-2a7f472198, FEDORA-2019-32067d8b15, FEDORA-2019-3ee6a7adf2, FEDORA-2019-a3ca65028c, FEDORA-2019-f8db687840, ibm10882578, ibm10882596, ibm10882756, ibm10882762, ibm10882952, ibm10882956, openSUSE-SU-2019:1839-1, openSUSE-SU-2019:1872-1, RHSA-2019:1456-01, Synology-SA-19:19, TYPO3-CORE-SA-2019-009, TYPO3-CORE-SA-2019-010, TYPO3-CORE-SA-2019-011, TYPO3-CORE-SA-2019-012, TYPO3-CORE-SA-2019-013, TYPO3-PSA-2019-004, TYPO3-PSA-2019-005, TYPO3-PSA-2019-006, VIGILANCE-VUL-29070
Oracle Fusion Middleware: vulnerabilities of April 2019
Several vulnerabilities were announced in Oracle products...
cpuapr2019, CVE-2018-11761, CVE-2019-2568, CVE-2019-2572, CVE-2019-2576, CVE-2019-2578, CVE-2019-2579, CVE-2019-2588, CVE-2019-2595, CVE-2019-2601, CVE-2019-2605, CVE-2019-2615, CVE-2019-2616, CVE-2019-2618, CVE-2019-2645, CVE-2019-2646, CVE-2019-2647, CVE-2019-2648, CVE-2019-2649, CVE-2019-2650, CVE-2019-2658, CVE-2019-2706, CVE-2019-2720, VIGILANCE-VUL-29047
jQuery Core: privilege escalation via Object.prototype Pollution
An attacker can bypass restrictions via Object.prototype Pollution of jQuery Core, in order to escalate his privileges...
bulletinoct2019, cpuapr2020, cpujan2020, cpujul2019, cpujul2020, cpuoct2019, cpuoct2020, CST-7312, CVE-2019-11358, DLA-1797-1, DLA-2118-1, DRUPAL-SA-CORE-2019-005, DRUPAL-SA-CORE-2019-006, DSA-4460-1, EZSA-2019-005, FEDORA-2019-2a0ce0c58c, FEDORA-2019-a06dffab1c, FEDORA-2019-f563e66380, NTAP-20190919-0001, openSUSE-SU-2019:1839-1, openSUSE-SU-2019:1872-1, RHSA-2019:1456-01, RHSA-2020:3936-01, Synology-SA-19:19, VIGILANCE-VUL-29030
Our database contains other pages. You can request a free trial to read them.

Display information about Bea WebLogic Server: