Known Vulnerabilities for products from Bea
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Bea".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2010-2375 | Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in ... | 6.4 - MEDIUM | 2010-07-13 | 2018-10-30 |
| CVE-2008-3257 | Stack-based buffer overflow in the Apache Connector (mod_wl) in Oracle WebLogic Server (formerly BEA WebLogic Server) 10.3 an... | 10 - HIGH | 2008-07-22 | 2017-09-29 |
| CVE-2008-0902 | Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 through 10.0 MP1 allow remote atta... | 4.3 - MEDIUM | 2008-02-22 | 2011-03-08 |
| CVE-2008-0901 | BEA WebLogic Server and Express 7.0 through 10.0 allows remote attackers to conduct brute force password guessing attacks, ev... | 7.1 - HIGH | 2008-02-22 | 2018-10-15 |
| CVE-2008-0900 | Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remot... | 6 - MEDIUM | 2008-02-22 | 2011-03-08 |
| CVE-2008-0899 | Cross-site scripting (XSS) vulnerability in the Administration Console in BEA WebLogic Server and Express 9.0 through 10.0 al... | 4.3 - MEDIUM | 2008-02-22 | 2011-03-08 |
| CVE-2008-0898 | The distributed queue feature in JMS in BEA WebLogic Server 9.0 through 10.0, in certain configurations, does not properly ha... | 5.8 - MEDIUM | 2008-02-22 | 2011-03-08 |
| CVE-2008-0897 | Unspecified vulnerability in BEA WebLogic Server 9.0 through 10.0 allows remote authenticated users without "receive" permiss... | 7.9 - HIGH | 2008-02-22 | 2011-03-08 |
| CVE-2008-0895 | BEA WebLogic Server and WebLogic Express 6.1 through 10.0 allows remote attackers to bypass authentication for application se... | 6.4 - MEDIUM | 2008-02-22 | 2011-03-08 |
| CVE-2008-0869 | Cross-site scripting (XSS) vulnerability in BEA WebLogic Workshop 8.1 through SP6 and Workshop for WebLogic 9.0 through 10.0 ... | 4.3 - MEDIUM | 2008-02-21 | 2011-03-08 |
| CVE-2008-0866 | Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Workshop allow remote attackers to inject arbitrary web s... | 4.3 - MEDIUM | 2008-02-21 | 2011-03-08 |
| CVE-2008-0863 | BEA WebLogic Server and WebLogic Express 9.0 and 9.1 exposes the web service's WSDL and security policies, which allows remot... | 5 - MEDIUM | 2008-02-21 | 2011-03-08 |
| CVE-2007-6384 | Unspecified vulnerability in the Image Converter functionality in BEA WebLogic Mobility Server 3.3, 3.5, and 3.6 through 3.6 ... | 7.5 - HIGH | 2007-12-15 | 2017-08-08 |
| CVE-2007-6198 | portal/server.pt in the Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows wildcards in... | 5 - MEDIUM | 2007-12-01 | 2018-10-15 |
| CVE-2007-6197 | The Plumtree portal in BEA AquaLogic Interaction 5.0.2 through 5.0.4 and 6.0.1.218452 allows remote attackers to obtain versi... | 5 - MEDIUM | 2007-12-01 | 2018-10-15 |
| CVE-2007-5576 | BEA Tuxedo 8.0 before RP392 and 8.1 before RP293, and WebLogic Enterprise 5.1 before RP174, echo the password in cleartext, w... | 6.8 - MEDIUM | 2007-10-18 | 2018-10-30 |
| CVE-2007-4618 | Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7 and 7.0 Gold through SP7 allows remote attackers to cau... | 7.8 - HIGH | 2007-08-31 | 2018-10-26 |
| CVE-2007-4617 | Unspecified vulnerability in BEA WebLogic Server 6.1 Gold through SP7, 7.0 Gold through SP7, and 8.1 Gold through SP4 allows ... | 7.8 - HIGH | 2007-08-31 | 2018-10-26 |
| CVE-2007-4616 | The SSL server implementation in BEA WebLogic Server 7.0 Gold through SP7, 8.1 Gold through SP6, 9.0, 9.1, 9.2 Gold through M... | 6.4 - MEDIUM | 2007-08-31 | 2018-10-26 |
| CVE-2007-4615 | The SSL client implementation in BEA WebLogic Server 7.0 SP7, 8.1 SP2 through SP6, 9.0, 9.1, 9.2 Gold through MP2, and 10.0 s... | 6.4 - MEDIUM | 2007-08-31 | 2017-07-29 |
Known software with vulnerabilities from Bea
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Bea | Aqualogic .net Portlet Toolkit | 1.1.0.0 |
| Application | Bea | Aqualogic Analytics | 2.5.1.0 |
| Application | Bea | Aqualogic Enterprise Security | - |
| Application | Bea | Aqualogic Interaction | - |
| Application | Bea | Aqualogic Interaction Collaboration | 4.5.1.328258 |
| Application | Bea | Aqualogic Interaction Content Service For Windows Files | 1.0.0.0 |
| Application | Bea | Aqualogic Interaction Identity Service For Ldap | 2.2.2.0 |
| Application | Bea | Aqualogic Service Bus | - |
| Application | Bea | Jolt | 1.2 |
| Application | Bea | Jrockit | - |
| Application | Bea | Jrockit Jdk | r28.1.3 |
| Application | Bea | Jrockit Jre | r27.6.3 |
| Application | Bea | Jrockit Mission Control | 3.1.0 |
| Application | Bea | Liquid Data | - |
| Application | Bea | Logging Utilities | 6.1.0.0 |
| Application | Bea | Tuxedo | - |
| Application | Bea | Weblogic Integration | - |
| Application | Bea | Weblogic Mobility Server | - |
| Application | Bea | Weblogic Platform | 8.1 |
| Application | Bea | Weblogic Portal | - |