Lucene search
K

111 matches found

Prion
Prion
added 2024/02/17 2:15 a.m.19 views

Design/Logic Flaw

Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are 6.4.0.0.0 and 7.0.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful...

4.9CVSS6.3AI score0.00308EPSS
Exploits0References1
CVE
CVE
added 2024/02/17 1:50 a.m.59 views

CVE-2024-20980

CVE-2024-20980 affects the Oracle BI Publisher Web Server in Oracle Analytics, impacting versions 6.4.0.0.0 and 7.0.0.0.0. The vulnerability can be exploited by a low-privilege attacker with network access over HTTP, requiring user interaction, to cause unauthorized updates/inserts/deletes and un...

5.4CVSS4.8AI score0.00308EPSS
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/01/29 12:0 a.m.35 views

Oracle Business Intelligence Publisher (January 2024 CPU)

The versions of Oracle Business Intelligence Publisher installed on the remote host are affected by multiple vulnerabilities as referenced in the January 2024 CPU advisory. - Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are...

5.4CVSS6.4AI score0.00308EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2024/01/29 12:0 a.m.69 views

Oracle Business Intelligence Publisher 6.4 / 7.0 (OAS) (January 2024 CPU)

The versions of Oracle Business Intelligence Publisher OAS installed on the remote host are affected by a vulnerability as referenced in the January 2024 CPU advisory. - Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affecte...

5.4CVSS6.3AI score0.00308EPSS
Exploits0References3
NCSC
NCSC
added 2024/01/18 12:0 a.m.9 views

Vulnerabilities fixed in Oracle Analytics

Oracle has fixed vulnerabilities in several Analytics products. A malicious party could exploit the vulnerabilities to execute attacks that could result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Manipulation of data Access to sensitive data Oracle has...

8.2CVSS6.8AI score0.19442EPSS
Exploits5
NVD
NVD
added 2024/01/16 10:15 p.m.27 views

CVE-2024-20979

Vulnerability in the Oracle BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are 6.4.0.0.0, 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher...

5.4CVSS5AI score0.00269EPSS
Exploits0References1
NVD
NVD
added 2024/01/16 10:15 p.m.25 views

CVE-2024-20904

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Pod Admin. Supported versions that are affected are 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Orac...

5CVSS4.7AI score0.00375EPSS
Exploits0References1
Prion
Prion
added 2024/01/16 10:15 p.m.20 views

Buffer overflow

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Pod Admin. Supported versions that are affected are 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Orac...

4CVSS5.9AI score0.00375EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/16 9:41 p.m.54 views

CVE-2024-20987

CVE-2024-20987 affects Oracle BI Publisher Web Server (Oracle Analytics). Version 12.2.1.4.0 is vulnerable due to insufficient input validation in the Web Server component. An unauthenticated attacker with network access over HTTP, requiring user interaction, can lead to unauthorized update/inser...

5.4CVSS4.9AI score0.00308EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/16 9:41 p.m.54 views

CVE-2024-20979

Oracle BI Publisher (Oracle Analytics) contains CVE-2024-20979 affecting Web Server component. Affected versions: 6.4.0.0.0, 7.0.0.0.0, and 12.2.1.4.0. The vulnerability is exploitable over HTTP with network access by a low-privileged user and user interaction is required. Impact includes potenti...

5.4CVSS4.8AI score0.00269EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/01/16 9:41 p.m.69 views

CVE-2024-20904

CVE-2024-20904 affects Oracle Business Intelligence Enterprise Edition (pod Admin) versions 6.4.0.0.0 and 12.2.1.4.0. The issue arises from insufficient input validation in the Pod Admin component, allowing a low-privileged attacker with network access via HTTP to read a subset of data. Attacks m...

5CVSS4.5AI score0.00375EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.5 views

Oracle BI Publisher Security Vulnerability

Oracle BI Publisher is a reporting solution from Oracle Corporation USA that makes it easier and faster to create, manage and deliver all reports and documents than traditional reporting tools. A security vulnerability exists in Oracle BI Publisher version 12.2.1.4.0 for Oracle Analytics. An...

5.4CVSS6.6AI score0.00308EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/01/16 12:0 a.m.3 views

Oracle Business Intelligence Enterprise Edition Security Vulnerability

Oracle Business Intelligence Enterprise Edition is an intelligent business analytics software from Oracle. Visualize and analyze enterprise data to aid decision-making, reduce total cost of ownership, and increase ROI across the organization. A security vulnerability exists in Oracle Business...

5CVSS6.5AI score0.00375EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.109 views

Oracle Business Intelligence Enterprise Edition (OAS 7.0) (October 2023 CPU)

The version of Oracle Business Intelligence Enterprise Edition OAS 7.0.0.0 installed on the remote host is affected by multiple vulnerabilities as referenced in the October 2023 CPU advisory, including the following: - Vulnerability in the Oracle Business Intelligence Enterprise Edition product o...

9.8CVSS7.4AI score0.42646EPSS
Exploits4References6
Tenable Nessus
Tenable Nessus
added 2023/10/19 12:0 a.m.60 views

Oracle Business Intelligence Publisher 6.4 / 7.0 (OAS) (October 2023 CPU)

The versions of Oracle Business Intelligence Publisher OAS installed on the remote host are affected by a vulnerability as referenced in the October 2023 CPU advisory. - Vulnerability in the BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are...

5.4CVSS5.8AI score0.00341EPSS
Exploits0References3
NCSC
NCSC
added 2023/10/19 12:0 a.m.8 views

Vulnerabilities fixed in Oracle Analytics

Vulnerabilities have been fixed in Oracle Analytics products. A malicious party can exploit the vulnerabilities to launch attacks execute attacks that can result in the following categories of damage: Denial-of-Service DoS. Circumvention of security measure Accessing sensitive data Accessing syst...

9.9CVSS7.7AI score0.8383EPSS
Exploits16
NVD
NVD
added 2023/10/17 10:15 p.m.24 views

CVE-2023-22105

Vulnerability in the BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are 6.4.0.0.0 and 7.0.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise BI Publisher. Successful attacks requir...

5.4CVSS5AI score0.00341EPSS
Exploits0References1
NVD
NVD
added 2023/10/17 10:15 p.m.21 views

CVE-2023-22109

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Analytics Web Dashboards. Supported versions that are affected are 6.4.0.0.0, 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access v...

4.6CVSS4.7AI score0.00341EPSS
Exploits0References1
OSV
OSV
added 2023/10/17 10:15 p.m.3 views

CVE-2023-22109

Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Analytics component: Analytics Web Dashboards. Supported versions that are affected are 6.4.0.0.0, 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access v...

4.6CVSS5.8AI score0.00341EPSS
Exploits0References1
OSV
OSV
added 2023/10/17 10:15 p.m.4 views

CVE-2023-22105

Vulnerability in the BI Publisher product of Oracle Analytics component: Web Server. Supported versions that are affected are 6.4.0.0.0 and 7.0.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise BI Publisher. Successful attacks requir...

5.4CVSS5.8AI score0.00341EPSS
Exploits0References1
Rows per page
Query Builder