Lucene search
K
OracleHyperion Financial Reporting

13 matches found

CVE
CVE
added 2020/04/29 12:0 a.m.7192 views

CVE-2020-11023

The connected Astra Linux bulletin confirms CVE-2020-11023: in jQuery versions >= 1.0.3 and < 3.5.0, passing HTML containing elements from untrusted sources to DOM manipulation methods (e.g., .html(), .append()) may lead to untrusted code execution. Patch released in jQuery 3.5.0. Remediat...

6.9CVSS7.2AI score0.8383EPSS
In wild
CVE
CVE
added 2020/11/12 12:0 a.m.294 views

CVE-2019-17566

CVE-2019-17566 (Apache Batik) is a server-side request forgery caused by improper input validation in xlink:href attributes, potentially allowing an attacker to trigger arbitrary GET requests from the vulnerable server. Connected advisories reference Batik-related SSRF issues across IBM JRS, SUSE...

7.5CVSS8.2AI score0.1074EPSS
CVE
CVE
added 2021/03/19 4:5 p.m.186 views

CVE-2021-27807

CVE-2021-27807 affects Apache PDFBox 2.0.22 and earlier 2.0.x. The issue arises when loading a crafted PDF, triggering an infinite loop and causing denial of service. Connected IBM advisories confirm the same description and map remediation to upgrading to fixed PDFBox versions via product-specif...

5.5CVSS5.6AI score0.02979EPSS
CVE
CVE
added 2021/03/19 4:5 p.m.186 views

CVE-2021-27906

CVE-2021-27906 affects Apache PDFBox; a crafted PDF can trigger an OutOfMemoryError when loading, impacting PDFBox 2.0.22 and earlier 2.0.x. The connected IBM/QRadar security bulletin confirms the same CVE ID and notes remediation: upgrade to IBM Cognos-related 2.0.6.12, then apply FixPack 2.0.6....

5.5CVSS5.6AI score0.03337EPSS
CVE
CVE
added 2019/04/17 2:7 p.m.151 views

CVE-2019-0228

CVE-2019-0228 affects Apache PDFBox 2.0.14, enabling an XML External Entity (XXE) attack via crafted XFDF. IBM advisories fix the vulnerability by upgrading IBM Operations Analytics - Log Analysis to version 1.3.7 (PDFBox handling) and Fedora advisories show a PDFBox update to 2.0.16. The vulnera...

9.8CVSS8.9AI score0.09451EPSS
CVE
CVE
added 2017/10/19 5:0 p.m.57 views

CVE-2017-10358

CVE-2017-10358 affects Oracle Hyperion Financial Reporting, subcomponent Workspace, with vulnerable version 11.1.2. The vulnerability allows a low-privilege, network-access attacker (HTTP) to read, update, insert, or delete data in Oracle Hyperion Financial Reporting, potentially impacting additi...

6.4CVSS5.7AI score0.01154EPSS
CVE
CVE
added 2021/10/20 10:51 a.m.54 views

CVE-2021-35665

Oracle Hyperion Financial Reporting (Repository component) is affected in version 11.2.6.0. The vulnerability allows an unauthenticated attacker with network access via HTTP to compromise the product, with user interaction required, potentially leading to unauthorized update/insert/delete and rea...

6.1CVSS5.6AI score0.00815EPSS
CVE
CVE
added 2019/10/16 5:40 p.m.52 views

CVE-2019-2959

CVE-2019-2959 affects Oracle Hyperion Financial Reporting (11.1.2.4) within the Security Models component. Red Hat’s advisory mirrors the description: a remote, HTTP-exposed vulnerability that can be exploited by a high-privilege attacker and requires user interaction. Successful exploitation cou...

4.2CVSS3.6AI score0.00969EPSS
CVE
CVE
added 2017/10/19 5:0 p.m.50 views

CVE-2017-10310

CVE-2017-10310 affects Oracle Hyperion Financial Reporting, subcomponent Security Models, with the affected product/version: Oracle Hyperion Financial Reporting (11.1.2). The vulnerability is exploitable by an unauthenticated attacker over HTTP with network access, enabling unauthorized access to...

7.5CVSS7.2AI score0.03201EPSS
CVE
CVE
added 2020/04/15 1:29 p.m.49 views

CVE-2020-2769

CVE-2020-2769 affects Oracle Hyperion Financial Reporting, specifically the Web Based Report Designer, with affected version 11.1.2.4. The vulnerability can be exploited by a high-privilege attacker over a network via HTTP and requires user interaction. Successful exploitation could result in una...

3.5CVSS2.6AI score0.00892EPSS
CVE
CVE
added 2018/07/18 1:0 p.m.46 views

CVE-2018-2907

The CVE-2018-2907 entry concerns Oracle Hyperion’s Hyperion Financial Reporting component (subcomponent: Security Models). Affected product: Hyperion Financial Reporting version 11.1.2. The vulnerability description states an unauthenticated, network-accessible issue over HTTP that could allow ac...

8.6CVSS7.9AI score0.0271EPSS
CVE
CVE
added 2016/07/21 10:0 a.m.42 views

CVE-2016-3493

The CVE-2016-3493 issue affects Oracle Hyperion Financial Reporting (11.1.2.4), with vulnerability in the Security Models subcomponent of Hyperion’s Financial Reporting. Connected documents indicate a remote attacker could affect confidentiality, integrity, and availability, indicating a high-imp...

10CVSS8.4AI score0.05366EPSS
CVE
CVE
added 2025/07/15 7:27 p.m.30 views

CVE-2025-50108

The CVE-2025-50108 entry concerns Oracle Hyperion Financial Reporting (Workspace component) with affected version 11.2.20.0.000. A vulnerability exists in the Workspace area that can be exploited by a low-privileged attacker over HTTP with network access; exploitation requires user interaction. S...

5.4CVSS6.1AI score0.00166EPSS