bea

158 tracked vulnerabilities.

CVE-2003-1220
BEA WebLogic Server 6.1-8.1 SP 1 - Denial of Service via Malformed URL
Dec 31, 2003
EPSS 0.00
CVE-2003-1221
BEA WebLogic Express & Server <8.1 SP 1 - Info Disclosure
Dec 31, 2003
EPSS 0.00
CVE-2003-1222
BEA Weblogic Express & Server <8.2 - Info Disclosure
Dec 31, 2003
EPSS 0.00
CVE-2003-1223
BEA WebLogic Server 6.1-8.1 SP1 - Denial of Service via Malformed Data to Node Manager Port
Dec 31, 2003
EPSS 0.00
CVE-2003-1224
BEA WebLogic Server/Express 7.0-7.0.0.1 - Info Disclosure
Dec 31, 2003
EPSS 0.00
CVE-2003-1225
BEA WebLogic Server/Express <7.0.1 - Info Disclosure
Dec 31, 2003
EPSS 0.00
CVE-2003-1226
BEA WebLogic Server/Express <7.0.0.1 - Info Disclosure
Dec 31, 2003
EPSS 0.00
CVE-2003-1290
BEA WebLogic Server & WebLogic Express <8.1 - Info Disclosure
Dec 31, 2003
EPSS 0.00
CVE-2003-1437
BEA WebLogic Server 7.0 and 7.0.0.1 - Plaintext Password Storage in Keystore
Dec 31, 2003
EPSS 0.00
CVE-2003-1438
BEA WebLogic Server 5.1-7.0.0.1 - Unprotected User Data Exposure via Session Replication Race Condition
Dec 31, 2003
EPSS 0.00
CVE-2003-0621
BEA Tuxedo 8.1 - Information Disclosure via INIFILE Path Manipulation
Dec 01, 2003
EPSS 0.07
CVE-2003-0622
BEA Tuxedo <= 8.1 - Denial of Service via MS-DOS Device Name Path Handling
Dec 01, 2003
EPSS 0.01
CVE-2003-0623
BEA Tuxedo 8.1 - Cross-Site Scripting via INIFILE Argument
Dec 01, 2003
EPSS 0.01
CVE-2003-0624
BEA WebLogic Server < 8.1 - Cross-Site Scripting via InteractiveQuery.jsp Person Parameter
Dec 01, 2003
EPSS 0.03
CVE-2003-0733
WebLogic Integration <7.0 & Liquid Data <1.1 - XSS
Oct 20, 2003
EPSS 0.01
CVE-2003-0640
BEA WebLogic Server - Privilege Escalation
Aug 27, 2003
EPSS 0.01
CVE-2003-0151
BEA WebLogic Server & Express <7.0 - RCE
Mar 24, 2003
EPSS 0.05
CVE-2003-1095
BEA WebLogic Server/Express 7.0-7.0.0.1 - Privilege Escalation
Mar 18, 2003
EPSS 0.00
CVE-2002-2141
BEA WebLogic Server & Express 7.0-7.0.0.1 - Privilege Escalation
Dec 31, 2002
EPSS 0.01
CVE-2002-2142
BEA WebLogic Server and Express - Unauthenticated Role Mapping Bypass via Servlet URL Pattern Handling
Dec 31, 2002
EPSS 0.01
CVE-2002-2177
BEA WebLogic Server and Express <7.0.0.1 - Info Disclosure
Dec 31, 2002
EPSS 0.00
CVE-2002-1030
BEA WebLogic Server 5.1.x, 6.0.x, 6.1.x, 7.0 - Denial of Service via Performance Pack Race Condition
Oct 04, 2002
EPSS 0.01
CVE-2002-0106
BEA WebLogic Server 6.1 - Denial of Service via JSP MS-DOS Device Name Requests
Mar 25, 2002
EPSS 0.06
CVE-2001-1477
BEA Tuxedo 7.1 - Privilege Escalation
Dec 31, 2001
EPSS 0.00
CVE-2001-0098
WebLogic Server < 4.5.2 - Remote Code Execution via Long URL with Dot-Dot Sequence
Feb 12, 2001
EPSS 0.21
Products
weblogic_server 149 tuxedo 5 weblogic_integration 4 weblogic_workshop 4 aqualogic_interaction 2 aqualogic_service_bus 2 aqualogic_enterprise_security 1 jrockit 1 liquid_data 1 weblogic_mobility_server 1
Quick Filters
Critical CVEs With Exploits In CISA KEV