Lucene search
K

111 matches found

NCSC
NCSC
added 2025/04/16 3:2 p.m.8 views

Vulnerabilities fixed in Oracle Analytics

Oracle has fixed vulnerabilities in Oracle Analytics. The vulnerabilities allow unauthenticated malicious actors to gain access to sensitive data, attack denial-of-service, and even gain complete control of systems. Specific vulnerabilities in Oracle Business Intelligence Enterprise Edition can...

10CVSS8.1AI score0.46836EPSS
Exploits6References1
CNNVD
CNNVD
added 2025/04/15 12:0 a.m.4 views

Oracle Analytics 安全漏洞

Oracle Analytics is an enterprise analytics solution from Oracle Corporation USA. A security vulnerability exists in Oracle BI Publisher version 7.6.0.0.0 and version 12.2.1.4.0 for Oracle Analytics, which originates from an unauthenticated attacker who can conduct an attack via HTTP web access,...

7.5CVSS7.1AI score0.00382EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/04/15 12:0 a.m.4 views

Oracle Analytics 安全漏洞

Oracle Analytics is an enterprise analytics solution from Oracle Corporation USA. A security vulnerability exists in Oracle BI Publisher version 7.6.0.0.0 and version 12.2.1.4.0 for Oracle Analytics, which originates from an attack by a low-privileged attacker with HTTP web access, and could resu...

5.4CVSS6.8AI score0.00288EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/02/10 12:0 a.m.6 views

The vulnerability of the Install component of the Oracle Analytics software solution allows a hacker to gain privileged access to the infrastructure.

The vulnerability of the Install component of the Oracle Analytics software solution is related to deficiencies in the authentication mechanism. Exploiting this vulnerability could allow an attacker to gain privileged access to the infrastructure...

7.8CVSS7.7AI score0.00258EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2025/02/06 3:1 a.m.4 views

CVE-2025-21532

Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics component: Install. Supported versions that are affected are Prior to 8.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Analytics Desktop executes to...

7.8CVSS6.7AI score0.00258EPSS
Exploits0References1
NVD
NVD
added 2025/01/21 9:15 p.m.6 views

CVE-2025-21532

Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics component: Install. Supported versions that are affected are Prior to 8.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Analytics Desktop executes to...

7.8CVSS0.00258EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2025/01/21 9:15 p.m.3 views

CVE-2025-21532

Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics component: Install. Supported versions that are affected are Prior to 8.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Analytics Desktop executes to...

7.8CVSS7.2AI score0.00258EPSS
Exploits0References2
OSV
OSV
added 2025/01/21 9:15 p.m.3 views

CVE-2025-21532

Vulnerability in the Oracle Analytics Desktop product of Oracle Analytics component: Install. Supported versions that are affected are Prior to 8.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Analytics Desktop executes to...

7.8CVSS7.3AI score0.00258EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/21 12:0 a.m.5 views

Oracle Analytics 安全漏洞

Oracle Analytics is an enterprise analytics solution from Oracle Corporation USA. A security vulnerability exists in Oracle Analytics Desktop prior to version 8.1.0 for Oracle Analytics. An attacker exploiting this vulnerability could cause Oracle Analytics Desktop to be taken over...

7.8CVSS8.5AI score0.00258EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/21 12:0 a.m.4 views

PT-2025-4254 · Oracle · Oracle Analytics Desktop

Name of the Vulnerable Software and Affected Versions: Oracle Analytics Desktop versions prior to 8.1.0 Description: The issue is related to a vulnerability in the Oracle Analytics Desktop product, specifically in the Install component. This vulnerability can be easily exploited by a low-privileg...

7.8CVSS8.7AI score0.00258EPSS
Exploits0References6
OSV
OSV
added 2024/12/06 6:15 p.m.6 views

CVE-2024-11220

A local low-level user on the server machine with credentials to the running OAS services can create and execute a report with an rdlx file on the server system itself. Any code within the rdlx file of the report executes with SYSTEM privileges, resulting in privilege escalation...

7.8CVSS5.9AI score0.00152EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/11/05 12:0 a.m.20 views

Oracle Business Intelligence Enterprise Edition (OAS 7.6) (October 2024 CPU)

The version of Oracle Business Intelligence Enterprise Edition OAS 7.6.0.0 installed on the remote host is affected by multiple vulnerabilities as referenced in the October 2024 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product o...

10CVSS7.5AI score0.78483EPSS
Exploits6References5
NCSC
NCSC
added 2024/10/17 1:19 p.m.9 views

Vulnerabilities fixed in Oracle Analytics

Oracle has fixed vulnerabilities in Analytics products. A malicious party can exploit the vulnerabilities to launch attacks that can lead to the following categories of damage: - Denial-of-Service - Manipulation of data - Execution of arbitrary code User Rights - Execution of arbitrary code...

10CVSS7.7AI score0.78483EPSS
Exploits7References1
RedhatCVE
RedhatCVE
added 2024/10/16 10:25 a.m.19 views

CVE-2024-21195

Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Layout Templates. Supported versions that are affected are 7.0.0.0.0, 7.6.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI...

7.6CVSS7.1AI score0.00426EPSS
Exploits0References1
NVD
NVD
added 2024/10/15 8:15 p.m.13 views

CVE-2024-21254

Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are 7.0.0.0.0, 7.6.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher...

8.8CVSS0.00504EPSS
Exploits0References1
OSV
OSV
added 2024/10/15 8:15 p.m.2 views

CVE-2024-21254

Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are 7.0.0.0.0, 7.6.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher...

8.8CVSS5.8AI score0.00504EPSS
Exploits0References1
NVD
NVD
added 2024/10/15 8:15 p.m.12 views

CVE-2024-21195

Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Layout Templates. Supported versions that are affected are 7.0.0.0.0, 7.6.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI...

7.6CVSS0.00426EPSS
Exploits0References1
CVE
CVE
added 2024/10/15 7:52 p.m.49 views

CVE-2024-21254

CVE-2024-21254 affects Oracle Analytics’ Oracle BI Publisher Web Server component (and concerns Layout Templates) with versions 7.0.0.0.0, 7.6.0.0.0 and 12.2.1.4.0. The flaw allows a low-privileged, network-accessing attacker over HTTP to compromise Oracle BI Publisher, potentially takeover the p...

8.8CVSS8.4AI score0.00504EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/10/15 7:52 p.m.60 views

CVE-2024-21195

CVE-2024-21195 affects Oracle BI Publisher (Oracle Analytics) - Layout Templates. Affected: 7.0.0.0.0, 7.6.0.0.0, 12.2.1.4.0. Root cause: insufficient input validation in Layout Templates. Risk: remote, network-accessible via HTTP, low privileges; may result in unauthorized data access, data modi...

7.6CVSS7.1AI score0.00426EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/10/15 12:0 a.m.3 views

Oracle Analytics 安全漏洞

Oracle Analytics is an enterprise analytics solution from Oracle Corporation USA. A security vulnerability exists in Oracle BI Publisher versions 7.0.0.0.0, 7.6.0.0.0, and 12.2.1.4.0 of Oracle Analytics. An attacker could exploit the vulnerability to take over Oracle BI Publisher...

8.8CVSS8.1AI score0.00504EPSS
Exploits0References2
Rows per page
Query Builder