6 matches found
CVE-2021-45105
Summary of CVE-2021-45105 (Log4j2) : Affected Log4j 2.x versions 2.0-alpha1 through 2.16.0 (except 2.12.3 and 2.3.1) are vulnerable to denial of service via uncontrolled recursion triggered by self-referential lookups in Thread Context Map data. The root cause is improper handling of self-referen...
CVE-2019-2904
CVE-2019-2904 is an insecure deserialization vulnerability in Oracle JDeveloper/ADF Faces (Oracle Fusion Middleware). Affected: JDeveloper/ADF Faces components within Fusion Middleware, specifically the ADF Faces runtime used by Oracle JDeveloper and ADF. Affected versions listed include 11.1.1.9...
CVE-2019-2861
CVE-2019-2861 affects Oracle Hyperion Planning (Security subcomponent) with affected version 11.1.2.4; multiple sources describe an XML External Entity (XXE) vulnerability that could disclose internal files, with exploitation demonstrated for Hyperion Planning 11.1.2.3. The attacks require authen...
CVE-2018-2733
The CVE-2018-2733 entry covers a vulnerability in Oracle Hyperion Planning (Security subcomponent) affecting version 11.1.2.4.007. The issue can be triggered by a high-privilege attacker with network access via HTTP and requires user interaction from a person other than the attacker. Successful e...
CVE-2020-14764
CVE-2020-14764 affects Oracle Hyperion Planning (Application Development Framework) 11.1.2.4. The vulnerability is described as difficult to exploit with network access via HTTP, requiring user interaction, and can lead to unauthorized creation/deletion/modification of data in Hyperion Planning. ...
CVE-2019-2770
CVE-2019-2770 affects Oracle Hyperion Planning Smart View (subcomponent) with vulnerable version 11.1.2.4. The vulnerability allows a high-privileged attacker who has network access via HTTP and must involve user interaction to compromise Hyperion Planning, potentially resulting in unauthorized a...