WebLogic OAM 反序列化漏洞（CVE-2021-35587）

漏洞描述

Oracle Fusion Middleware（Oracle融合中间件）是美国甲骨文（Oracle）公司的一套面向企业和云环境的业务创新平台。Oracle Fusion中间件（组件：OpenSSO代理）的Oracle Access Manager产品中存在漏洞。受影响的受支持版本包括11.1.2.3.0、12.2.1.3.0和12.2.1.4.0。易受攻击的漏洞允许通过HTTP访问网络的未经身份验证的攻击者危害Oracle access Manager。成功攻击此漏洞可能会导致Oracle Access Manager被接管。

相关漏洞推荐

ShowDoc /server/index.php?s=/api/adminUpdate/download 文件上传漏洞（CVE-2021-36440）无POC

2025-09-12 | ShowDoc

ShowDoc 2.9.5版本存在一个高危的文件上传漏洞(CVE-2021-36440)，该漏洞源于系统未能对上传文件的类型进行充分验证。攻击者可以绕过安全限制上传任意类型的危险文件，包括但不限于PH...
CVE-2021-1497: Cisco HyperFlex HX Data Platform - Remote Command Execution POC

2025-09-01 | Cisco HyperFlex HX Data Platform

Cisco HyperFlex HX contains multiple vulnerabilities in the web-based management interface that coul...
CVE-2021-1498: Cisco HyperFlex HX Data Platform - Remote Command Execution POC

2025-09-01 | Cisco HyperFlex HX Data Platform

Cisco HyperFlex HX contains multiple vulnerabilities in the web-based management interface that coul...
CVE-2021-1499: Cisco HyperFlex HX Data Platform - File Upload Vulnerability POC

2025-09-01 | Cisco HyperFlex HX Data Platform

A vulnerability in the web-based management interface of Cisco HyperFlex HX Data Platform could allo...
CVE-2021-21234: Spring Boot Actuator Logview Directory Traversal POC

2025-09-01 | Spring Boot Actuator

spring-boot-actuator-logview before version 0.2.13 contains a directory traversal vulnerability in l...

漏洞描述

PoC代码

相关漏洞推荐

ShowDoc /server/index.php?s=/api/adminUpdate/download 文件上传漏洞（CVE-2021-36440） 无POC

CVE-2021-1497: Cisco HyperFlex HX Data Platform - Remote Command Execution POC

CVE-2021-1498: Cisco HyperFlex HX Data Platform - Remote Command Execution POC

CVE-2021-1499: Cisco HyperFlex HX Data Platform - File Upload Vulnerability POC

CVE-2021-21234: Spring Boot Actuator Logview Directory Traversal POC

ShowDoc /server/index.php?s=/api/adminUpdate/download 文件上传漏洞（CVE-2021-36440）无POC