Hyperion Infrastructure Technology Security Vulnerabilities and Issues — Hyperion Infrastructure Technology CVE List

Lucene search

OracleHyperion Infrastructure Technology

10 matches found

CVE•added 2021/12/14 12:15 p.m.•1193 views

CVE-2021-4104

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in remot...

7.5CVSS9.4AI score0.94358EPSS

In wild

CVE•added 2021/12/18 12:15 p.m.•1117 views

CVE-2021-45105

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This issue wa...

5.9CVSS7.7AI score0.70431EPSS

In wildWeb

CVE•added 2021/07/21 3:15 p.m.•212 views

CVE-2021-2351

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compromise Advanced Networking Option. S...

8.3CVSS8.5AI score0.03544EPSS

CVE•added 2021/03/19 4:15 p.m.•171 views

CVE-2021-27906

A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.

5.5CVSS5.6AI score0.00543EPSS

CVE•added 2021/03/19 4:15 p.m.•169 views

CVE-2021-27807

A carefully crafted PDF file can trigger an infinite loop while loading the file. This issue affects Apache PDFBox version 2.0.22 and prior 2.0.x versions.

5.5CVSS5.6AI score0.00544EPSS

CVE•added 2021/01/20 3:15 p.m.•100 views

CVE-2021-1996

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic ...

3.5CVSS3.4AI score0.00386EPSS

CVE•added 2021/01/20 3:15 p.m.•97 views

CVE-2021-1993

Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Java VM. Suc...

4.8CVSS5.1AI score0.00232EPSS

CVE•added 2021/01/20 3:15 p.m.•51 views

CVE-2021-1999

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: RAS subsystems). The supported version that is affected is 8.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit exec...

5CVSS4.8AI score0.00081EPSS

CVE•added 2021/07/21 3:16 p.m.•51 views

CVE-2021-2445

Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion (component: Lifecycle Management). The supported version that is affected is 11.2.5.0. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Infrastruc...

5.7CVSS5.4AI score0.01321EPSS

CVE•added 2021/07/21 3:15 p.m.•50 views

CVE-2021-2347

Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion (component: Lifecycle Management). The supported version that is affected is 11.2.5.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Infrastructu...

5.2CVSS5.4AI score0.00553EPSS