Bea Systems Weblogic Server — known CVE vulnerabilities
Every CVE whose affected-product data names Bea Systems Weblogic Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2008-3257 — CVSS 10.0 (critical): Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 and earlier…
CVE-2008-0901 — CVSS 7.1 (high): BEA WebLogic Server and Express 7.0 through 10.0 allows remote attackers to conduct brute force password guessing attacks, even when…
CVE-2010-2375 — CVSS 6.4 (medium): Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion…
CVE-2008-0902 — CVSS 4.3 (medium): Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 through 10.0 MP1 allow remote attackers to…
CVE-2008-0903 — CVSS 4.3 (medium): Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and before 9.2 MP3 and…