|
Oct 13 2010
|
Oracle WebLogic Node Manager Remote Configuration Capability Lets Remote Users Execute Arbitrary Commands
|
|
Jul 14 2010
|
Oracle WebLogic Plugin Encoding Error Lets Remote Users Inject HTTP Headers
|
|
Jan 25 2010
|
Oracle WebLogic Node Manager Lets Remote Users Execute Commands
|
|
Jan 12 2010
|
Oracle BEA WebLogic Server and Portal Bugs Let Remote Users Access and Modify Data and Deny Service
|
|
Oct 20 2009
|
Oracle BEA WebLogic Server and Portal Bugs Let Remote Authenticated Users Modify Data
|
|
Jul 15 2009
|
WebLogic Server Bugs Let Remote Users Gain Access and Modify Data and Deny Service
|
|
Apr 14 2009
|
Oracle WebLogic Server and Portal Bugs Let Remote Users Access and Modify Data and Cause Denial of Service Conditions
|
|
Jan 14 2009
|
WebLogic Bugs Let Remote Users Execute Arbitary Code, Acces and Modify Information, and Deny Service
|
|
Oct 15 2008
|
WebLogic Bugs Let Remote Users Execute Arbitary Code, Acces and Modify Information, and Deny Service
|
|
Jul 18 2008
|
Oracle WebLogic Apache Connector Lets Remote Users Execute Arbitrary Code
|
|
Jul 16 2008
|
Oracle WebLogic Server Bugs Let Remote Users Access and Modify Data and Cause Denial of Service Conditions
|
|
Feb 20 2008
|
WebLogic Portal Discloses Web Service WSDL and Policy to Remote Users
|
|
Feb 20 2008
|
WebLogic Portal Administrative Policy Errors May Let Remote Users Access Restricted Pages
|
|
Feb 20 2008
|
WebLogic Portal Entitlement Deletion Bug May Let Remote Users Access Portlets
|
|
Feb 20 2008
|
WebLogic Portal Input Validation Hole in Groupspace Function Permits Cross-Site Scripting Attacks
|
|
Feb 20 2008
|
WebLogic Portal Lets Remote Users Bypass Entitlements
|
|
Feb 20 2008
|
WebLogic Proxy Plugin Lets Remote Users Deny Service
|
|
Feb 20 2008
|
WebLogic Lets Remote Users Bypass the Account Lockout Feature
|
|
Feb 20 2008
|
WebLogic Server Administration Console Input Validation Hole Permits Cross-Site Scripting Attacks
|
|
Feb 20 2008
|
WebLogic Bug Lets Remote Users Bypass Security Policy and Send Messages to a Queue
|
|
Feb 20 2008
|
WebLogic Security Policy Bug May Let Remote Users Access JMS Messages
|
|
Feb 20 2008
|
WebLogic Servlets May Grant Access to Remote Users Based on Modified HTTP Request Header Values
|
|
Feb 19 2008
|
WebLogic Portal Administration Console May Use Non-Secure Sessions
|
|
Feb 19 2008
|
WebLogic Workshop NetUI Input Validation Bugs Permit Cross-Site Scripting Attacks
|
|
Feb 19 2008
|
WebLogic Server and WebLogic Express Session Security Bug Lets Remote Authenticated Users Gain Elevated Privileges
|
|
Feb 19 2008
|
WebLogic Workshop Input Validation Hole Permits Cross-Site Scripting Attacks
|
|
Dec 12 2007
|
WebLogic Mobility Server Image Converter Lets Remote Users Access Resources
|
|
Aug 29 2007
|
WebLogic SSL Server May Use Null Encryption
|
|
Aug 29 2007
|
WebLogic SSL Clients May Use Null Encryption
|
|
May 15 2007
|
WebLogic Portal Input Validation Hole Permits Cross-Site Scripting Attacks and Entitlement Bug Lets Remote Users Access Resources
|
|
May 15 2007
|
BEA WebLogic Integration Directory Traversal Bug Lets Remote Users List Certain Directories
|
|
May 14 2007
|
BEA WebLogic Server Multiple Bugs Let Remote Users Deny Service, Gain Elevated Privileges
|
|
May 14 2007
|
(BEA Issues Fix for WebLogic) OpenSSL RSA Signatures Can Be Forged
|
|
Jan 17 2007
|
WebLogic Bugs Let Remote Users Gain Access, Obtain Information, and Deny Service
|
|
Jan 16 2007
|
WebLogic Portal Policy Modification Errors May Let Remote Users Access Resources
|
|
Jan 16 2007
|
WebLogic Certificate Validation Error May Let Remote Users Access the System in Certain Cases
|
|
May 15 2006
|
WebLogic Server JTA Transactions May Be Sent Unencrypted
|
|
May 15 2006
|
WebLogic Server Quality of Service Error Causes Transaction Coordinator Messages to Be Sent Unencrypted
|
|
May 15 2006
|
WebLogic Server Admin Password Reset Mechanism May Disclose the Password to Local Users
|
|
May 15 2006
|
WebLogic JSP Compilation Error May Allow Remote Users to View JSP Source Code
|
|
May 15 2006
|
WebLogic Server Console Displays the Domain Name Prior to Authentication
|
|
May 15 2006
|
WebLogic Server Records Failed User Passwords in the Server Log File
|
|
May 15 2006
|
WebLogic Server May Incorrectly Remove JDBC Security Policies
|
|
May 15 2006
|
WebLogic Server May Disclose Internal Network Addresses
|
|
May 15 2006
|
WebLogic Server May Let Applications Obtain Private Keys
|
|
May 15 2006
|
WebLogic 'stopWebLogic.sh' Displays the Administrative Password When Typed By the Administrator
|
|
Mar 20 2006
|
WebLogic Server Default Internal Servlet May Let Remote Users Access the Local File System
|
|
Mar 20 2006
|
WebLogic Portal May Disclose a User's JSR-168 Portlet Contents
|
|
Mar 20 2006
|
WebLogic XML Document Parsing Memory Error Lets Remote Users Deny Service
|
|
Jan 24 2006
|
BEA WebLogic Multiple Bugs Let Remote Users Deny Service, Obtain Information, and Access Restricted Resources
|
|
Oct 10 2005
|
BEA WebLogic Server Multiple Bugs Let Remote Users Deny Service, Obtain Information, and Conduct Cross-Site Scripting Attacks
|
|
Aug 22 2005
|
WebLogic Portal Access Control Flaw May Grant Remote Users Access to Entitled Pages
|
|
Jul 3 2005
|
BEA WebLogic May Allow Remote Users to Conduct HTTP Response Smuggling Attacks
|
|
May 25 2005
|
BEA WebLogic Server and WebLogic Portal Have Multiple Vulnerabilities
|
|
Apr 26 2005
|
BEA WebLogic Administration Console Input Validation Hole in 'JndiFramesetAction' Permits Cross-Site Scripting Attacks
|
|
Feb 14 2005
|
BEA WebLogic Discloses the Reason for Authentication Failure to Remote Users
|
|
Sep 14 2004
|
WebLogic May Transmit Sensitive Information in Clear Text When the Administration Port is Not Enabled
|
|
Sep 14 2004
|
WebLogic Active Directory LDAP Error May Fail to Disable User Accounts
|
|
Sep 14 2004
|
WebLogic Server May Deploy With Incomplete Security When an Error Occurs During Deployment
|
|
Sep 14 2004
|
WebLogic Discloses System Version Information to Remote Users
|
|
Sep 14 2004
|
WebLogic Administrative Console May Display Passwords in Certain Cases
|
|
Sep 14 2004
|
WebLogic Command and Administrative Scripts May Contain Clear Text Passwords
|
|
Sep 14 2004
|
WebLogic Case-Sensitive 'web.xml' Patterns May Let Remote Users Access Restricted URLs
|
|
Sep 14 2004
|
WebLogic Server Lets Remote Users Execute Some Administration Commands
|
|
Sep 14 2004
|
BEA WebLogic May Disclose Some Internal Server Objects to Remote Users
|
|
Jun 29 2004
|
(BEA WebLogic is Affected) Crystal Reports Input Validation Flaws Let Remote Users View and Delete Files and Deny Service
|
|
Jun 29 2004
|
BEA WebLogic role-name Tag Error May Let Remote Users Access Applications
|
|
Jun 14 2004
|
BEA WebLogic Server May Return an Unexpected User Identity to Certain RMI Requests
|
|
Jun 14 2004
|
BEA WebLogic Running SSL Can Be Crashed By Remote Users
|
|
May 11 2004
|
BEA WebLogic May Let Remote Authenticated Admin/Operator Users Start or Stop Server
|
|
May 11 2004
|
BEA WebLogic 'security-role-assignment' Coding Error May Delete Access Controls Tag
|
|
Apr 21 2004
|
BEA WebLogic 'config.sh' and 'config.cmd' May Disclose Administrative Password to Local Users
|
|
Apr 21 2004
|
BEA WebLogic Bug Lets Applications Remove EJB Objects Without Permission
|
|
Apr 21 2004
|
BEA WebLogic May Stop Protecting URLs When Configured With Certain Illegal Protection Patterns
|
|
Apr 13 2004
|
BEA WebLogic May Disclose Administrative Password in Certain Cases
|
