Oracle

Business Intelligence

83 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2021-2041

  • EPSS 1.23%
  • Published 20.01.2021 15:15:48
  • Last modified 21.11.2024 06:02:14

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Installation). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows unauthen...

5.8

CVE-2021-2025

  • EPSS 1.09%
  • Published 20.01.2021 15:15:47
  • Last modified 21.11.2024 06:02:12

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable...

4.3

CVE-2021-2005

  • EPSS 0.86%
  • Published 20.01.2021 15:15:45
  • Last modified 21.11.2024 06:02:09

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: BI Platform Security). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows un...

4.9

CVE-2021-2003

  • EPSS 0.19%
  • Published 20.01.2021 15:15:45
  • Last modified 21.11.2024 06:02:09

Vulnerability in the Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web Dashboards). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vul...

9.8

CVE-2020-17530

Warning
  • EPSS 94.36%
  • Published 11.12.2020 02:15:10
  • Last modified 03.04.2025 16:07:29

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.

5.9

CVE-2020-1971

  • EPSS 0.34%
  • Published 08.12.2020 16:15:11
  • Last modified 21.11.2024 05:11:45

The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they...

7.5

CVE-2019-17566

  • EPSS 0.82%
  • Published 12.11.2020 18:15:12
  • Last modified 21.11.2024 04:32:32

Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make ...

6.1

CVE-2020-13954

  • EPSS 8.03%
  • Published 12.11.2020 13:15:11
  • Last modified 21.11.2024 05:02:13

By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack via the styleSheetPath, which allows a malicious actor to ...

7.8

CVE-2020-14864

Warning
  • EPSS 94.01%
  • Published 21.10.2020 15:15:24
  • Last modified 07.02.2025 14:45:59

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Installation). Supported versions that are affected are 5.5.0.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows...

6.8

CVE-2020-14843

  • EPSS 0.92%
  • Published 21.10.2020 15:15:22
  • Last modified 21.11.2024 05:04:18

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions). Supported versions that are affected are 5.5.0.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability a...