Oracle Business Intelligence - Path Traversal

Oracle Business Intelligence versions 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0 are vulnerable to path traversal in the BI Publisher formerly XML Publisher component of Oracle Fusion Middleware subcomponent: BI Publisher Security. id: CVE-2019-2588 info: name: Oracle Business Intelligence - Path...

CVE-2019-2768

Vulnerability in the BI Publisher formerly XML Publisher component of Oracle Fusion Middleware subcomponent: BI Publisher Security. The supported version that is affected is 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI...

CVE-2019-2588

Vulnerability in the BI Publisher formerly XML Publisher component of Oracle Fusion Middleware subcomponent: BI Publisher Security. Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with network access...

CVE-2019-2906

Vulnerability in the BI Publisher formerly XML Publisher product of Oracle Fusion Middleware component: Mobile Service. Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...

CVE-2019-2771

Vulnerability in the BI Publisher formerly XML Publisher component of Oracle Fusion Middleware subcomponent: BI Publisher Security. Supported versions that are affected are 11.1.1.9.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2019-2601

Vulnerability in the BI Publisher formerly XML Publisher component of Oracle Fusion Middleware subcomponent: BI Publisher Security. Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access v...

CVE-2019-2595

Vulnerability in the BI Publisher formerly XML Publisher component of Oracle Fusion Middleware subcomponent: BI Publisher Security. Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access...

CVE-2019-2767

Vulnerability in the BI Publisher formerly XML Publisher component of Oracle Fusion Middleware subcomponent: BI Publisher Security. The supported version that is affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

CVE-2021-2392

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware component: BI Publisher Security. Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2021-2396

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware component: E-Business Suite - XDO. Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP t...

Oracle Business Intelligence Publisher (OAS) (October 2025 CPU)

The 7.6.0.0.0, and 8.2.0.0.0 versions of Oracle Business Intelligence Publisher installed on the remote host are affected by multiple vulnerabilities as referenced in the October 2025 CPU advisory. - Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Service API...

Exploit for Improper Authentication in Oracle Concurrent_Processing

CVE‑2025‑61882 Scan/Exploit ⚠️Legal Disclaimer Legal...

CVE-2025-61754

Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Service API. Supported versions that are affected are 7.6.0.0.0 and 8.2.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher...

CVE-2025-61754

Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Service API. Supported versions that are affected are 7.6.0.0.0 and 8.2.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher...

CVE-2025-61754

Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Service API. Supported versions that are affected are 7.6.0.0.0 and 8.2.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher...

EUVD-2025-35255

Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Service API. Supported versions that are affected are 7.6.0.0.0 and 8.2.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher...

CVE-2025-61882: Imperva Customers Protected Against Critical Oracle EBS Zero-Day RCE

TL;DR: In early October 2025, Oracle released an emergency security alert addressing CVE-2025-61882, a high-severity unauthenticated remote code execution RCE vulnerability in the Concurrent Processing / BI Publisher Integration component of Oracle E-Business Suite EBS versions 12.2.3 through...

CVE-2025-61882

Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite component: BI Publisher Integration. Supported versions that are affected are 12.2.3-12.2.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

EUVD-2009-0993

Malware in sbrugna...

EUVD-2020-6832

Malware in sbrugna...