Oracle

Hyperion Financial Reporting

13 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-50108

  • EPSS 0.03%
  • Veröffentlicht 15.07.2025 19:27:52
  • Zuletzt bearbeitet 24.07.2025 20:32:18

Vulnerability in the Oracle Hyperion Financial Reporting product of Oracle Hyperion (component: Workspace). The supported version that is affected is 11.2.20.0.000. Easily exploitable vulnerability allows low privileged attacker with network access...

5.8

CVE-2021-35665

  • EPSS 0.58%
  • Veröffentlicht 20.10.2021 11:17:22
  • Zuletzt bearbeitet 21.11.2024 06:12:46

Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.6.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

5.5

CVE-2021-27807

  • EPSS 0.54%
  • Veröffentlicht 19.03.2021 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:58:36

A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.

5.5

CVE-2021-27906

  • EPSS 0.54%
  • Veröffentlicht 19.03.2021 16:15:13
  • Zuletzt bearbeitet 21.11.2024 05:58:45

A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.

7.5

CVE-2019-17566

  • EPSS 0.82%
  • Veröffentlicht 12.11.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 04:32:32

Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make ...

6.1

CVE-2020-11023

Warnung Exploit
  • EPSS 21.32%
  • Veröffentlicht 29.04.2020 21:15:11
  • Zuletzt bearbeitet 24.01.2025 02:00:02

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may ex...

3.5

CVE-2020-2769

  • EPSS 0.4%
  • Veröffentlicht 15.04.2020 14:15:26
  • Zuletzt bearbeitet 21.11.2024 05:26:13

Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Web Based Report Designer). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows high privileged attacker with network acc...

4.2

CVE-2019-2959

  • EPSS 0.36%
  • Veröffentlicht 16.10.2019 18:15:30
  • Zuletzt bearbeitet 21.11.2024 04:41:52

Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Security Models). The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via ...

9.8

CVE-2019-0228

  • EPSS 7.84%
  • Veröffentlicht 17.04.2019 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:16:32

Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF.

8.6

CVE-2018-2907

  • EPSS 1.83%
  • Veröffentlicht 18.07.2018 13:29:01
  • Zuletzt bearbeitet 21.11.2024 04:04:43

Vulnerability in the Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Security Models). The supported version that is affected is 11.1.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via...