|
347441
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP6 and earlier, in certain "heavy usage" scenarios, report incorrect severity levels for an audit event, which might allow attac…
|
NVD-CWE-Other
|
CVE-2005-4753
|
2018-09-28 06:39 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347442
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allow remote attackers to obtain sensitive information (intranet IP addresses) via unknown attack vectors involving "network address trans…
|
NVD-CWE-Other
|
CVE-2005-4754
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347443
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier (1) stores the private key passphrase (CustomTrustKeyStorePassPhrase) in cleartext in nodemanager.config; or, during domain creation with …
|
NVD-CWE-Other
|
CVE-2005-4755
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347444
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 8.1 SP4 and earlier, and 7.0 SP5 and earlier, do not properly validate derived Principals with multiple PrincipalValidators, which might allow attackers to ga…
|
NVD-CWE-Other
|
CVE-2005-4756
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347445
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, do not properly "constrain" a "/" (slash) servlet root URL pattern, which might allow remote attackers to bypass…
|
NVD-CWE-Other
|
CVE-2005-4757
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347446
|
- |
|
bea
|
weblogic_server
|
Unspecified vulnerability in the Administration server in BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier allows remote authenticated Admin users to read arbitrary files via unknown atta…
|
NVD-CWE-Other
|
CVE-2005-4758
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347447
|
- |
|
bea
|
weblogic_server
|
BEA WebLogic Server and WebLogic Express 8.1 SP3 and earlier, and 7.0 SP5 and earlier, when fullyDelegatedAuthorization is enabled for a servlet, does not cause servlet deployment to fail when failur…
|
NVD-CWE-Other
|
CVE-2005-4760
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347448
|
- |
|
ez
|
ez_publish
|
The siteaccess URIMatching implementation in eZ publish 3.5 through 3.8 before 20050812 converts all non-alphanumeric characters in a URI to '_' (underscore), which allows remote attackers to bypass …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2005-4852
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347449
|
- |
|
ez
|
ez_publish
|
Unrestricted file upload vulnerability in eZ publish 3.5 before 3.5.5, 3.6 before 3.6.2, 3.7 before 3.7.0rc2, and 3.8 before 20050922 does not restrict Image datatype uploads to image content types, …
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2005-4855
|
2018-09-28 06:38 |
2005-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
347450
|
- |
|
xerox
|
copycentre_c65 copycentre_c75 copycentre_c90 workcentre_65 workcentre_75 workcentre_90
|
Buffer overflow in the PostScript file interpreter code for Xerox CopyCentre and Xerox WorkCentre Pro, running software 1.001.02.073 or earlier, or 1.001.02.074 before 1.001.02.715, allows attackers …
|
NVD-CWE-Other
|
CVE-2006-1136
|
2018-09-28 06:33 |
2006-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|