Every CVE whose affected-product data names Bea Tuxedo, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2007-5576 — CVSS 6.8 (medium): BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the password in cleartext, which allows…
CVE-2003-0621 — CVSS 5.0 (medium): The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to determine the existence of files outside the web root…
CVE-2003-0622 — CVSS 5.0 (medium): The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to cause a denial of service (hang) via pathname…
CVE-2001-1477 — CVSS 4.6 (medium): The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and qspaces on remote domains, even when…
CVE-2003-0623 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to inject…