5 matches found
CVE-2019-10219
The CVE-2019-10219 entry affects Hibernate Validator: SafeHtml validator annotation fails to sanitize HTML comments/instructions, enabling XSS in affected code paths. Affected CP4S versions are 1.7.2.0, 1.8.0.0, and 1.8.1.0. Remediation is to upgrade to Cloud Pak for Security 1.9.0.0 per IBM guid...
CVE-2019-2899
CVE-2019-2899 affects Oracle JDeveloper and ADF (OAM component) in Oracle Fusion Middleware. Affected versions: 11.1.1.9.0, 11.1.2.4.0, 12.1.3.0.0, 12.2.1.3.0. The vulnerability is due to insufficient access control in OAM, allowing a high-privilege attacker with network access via HTTP to compro...
CVE-2021-2158
CVE-2021-2158 affects Oracle Hyperion Financial Management (HFM) with the Task Automation component, specifically version 11.1.2.4. Multiple sources (NVD, Red Hat, CNVD, CVE listings) describe a vulnerability that is exploitable by a high-privileged attacker with network access over HTTP, with us...
CVE-2012-1714
CVE-2012-1714 affects Oracle Hyperion Financial Management (HFM) versions 11.1.1.4 and 11.1.2.1.104, via a vulnerability in the TList 6 ActiveX control. The issue permits remote code execution through unknown vectors; no concrete exploit details or impact vector are provided beyond this, and no r...
CVE-2020-2777
Oracle Hyperion Financial Management (HFM) 11.1.2.4 Security component is affected. The vulnerability allows a high-privilege attacker with network access via HTTP to compromise HFM, with exploitation requiring user interaction and potentially enabling unauthorized creation, deletion, or modifica...