Bi Publisher@12.2.1.3.0 Security Vulnerabilities and Issues — Bi Publisher@12.2.1.3.0 CVE List

Lucene search

OracleBi Publisher12.2.1.3.0

17 matches found

CVE•added 2019/04/20 12:29 a.m.•2189 views

CVE-2019-11358

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

6.1CVSS6.4AI score0.02394EPSS

CVE•added 2017/04/17 9:59 p.m.•517 views

CVE-2017-5645

In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code.

9.8CVSS9.5AI score0.94013EPSS

CVE•added 2021/03/23 12:15 a.m.•329 views

CVE-2021-21346

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may allow a remote attacker to load and execute arbitrary code from a remote host only by manipulating the processed input stream. No user is affected, who followed...

9.8CVSS8.3AI score0.03899EPSS

CVE•added 2019/11/08 3:15 p.m.•230 views

CVE-2019-10219

A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.

6.5CVSS6AI score0.01915EPSS

CVE•added 2022/01/19 12:15 p.m.•97 views

CVE-2022-21346

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that are affected are 5.5.0.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

7.5CVSS7.1AI score0.03861EPSS

CVE•added 2022/07/19 10:15 p.m.•74 views

CVE-2022-21523

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI P...

4.3CVSS3.8AI score0.00425EPSS

CVE•added 2021/07/21 3:15 p.m.•70 views

CVE-2021-2400

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP ...

7.5CVSS7.1AI score0.32418EPSS

CVE•added 2022/10/18 9:15 p.m.•70 views

CVE-2022-21590

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Core Formatting API). Supported versions that are affected are 5.9.0.0, 6.4.0.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to comp...

7.6CVSS7.4AI score0.00183EPSS

CVE•added 2021/07/21 3:15 p.m.•57 views

CVE-2021-2392

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to...

9CVSS8.2AI score0.02621EPSS

CVE•added 2021/07/21 3:15 p.m.•56 views

CVE-2021-2391

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Scheduler). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise ...

9CVSS8.3AI score0.0924EPSS

CVE•added 2021/07/21 3:15 p.m.•54 views

CVE-2021-2401

5.3CVSS4.4AI score0.17017EPSS

CVE•added 2021/07/21 3:15 p.m.•51 views

CVE-2021-2396

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP t...

9CVSS8.3AI score0.0924EPSS

CVE•added 2019/10/16 6:15 p.m.•46 views

CVE-2019-2898

Vulnerability in the BI Publisher (formerly XML Publisher) product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via ...

4.3CVSS4AI score0.00302EPSS

CVE•added 2020/07/15 6:15 p.m.•45 views

CVE-2020-14571

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracl...

7.2CVSS6.6AI score0.00823EPSS

CVE•added 2020/07/15 6:15 p.m.•45 views

CVE-2020-14584

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI ...

8.2CVSS8.3AI score0.03174EPSS

CVE•added 2020/07/15 6:15 p.m.•42 views

CVE-2020-14570

7.1CVSS7.1AI score0.02011EPSS

CVE•added 2020/07/15 6:15 p.m.•42 views

CVE-2020-14585

8.2CVSS8.3AI score0.02913EPSS