Bi Publisher
Monthly
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Layout Templates). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway). Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Script Engine). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Security). Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Core Formatting API). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Scheduler). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A vulnerability was found in Hibernate-Validator. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Vulnerability in the BI Publisher (formerly XML Publisher) product of Oracle Fusion Middleware (component: BI Publisher Security). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
{}, ...) because of Object.prototype pollution. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 94.0%.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Layout Templates). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway). Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Script Engine). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Security). Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Core Formatting API). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Scheduler). Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
XStream is a Java library to serialize objects to XML and back again. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A vulnerability was found in Hibernate-Validator. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Vulnerability in the BI Publisher (formerly XML Publisher) product of Oracle Fusion Middleware (component: BI Publisher Security). Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, low attack complexity.
Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
{}, ...) because of Object.prototype pollution. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that,. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and EPSS exploitation probability 94.0%.