Skip to main content

Hyperion Data Relationship Management

11 CVEs product

Monthly

CVE-2025-21569 MEDIUM This Month

Vulnerability in the Oracle Hyperion Data Relationship Management product of Oracle Hyperion (component: Web Services). Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Hyperion Data Relationship Management
NVD
CVSS 3.1
6.6
EPSS
0.6%
CVE-2025-21568 MEDIUM Monitor

Vulnerability in the Oracle Hyperion Data Relationship Management product of Oracle Hyperion (component: Access and Security). Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Hyperion Data Relationship Management
NVD
CVSS 3.1
4.5
EPSS
0.3%
CVE-2022-23307 Maven HIGH PATCH This Week

CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Apache Chainsaw Log4J Reload4J +23
NVD VulDB
CVSS 3.1
8.8
EPSS
2.7%
CVE-2022-23305 Maven CRITICAL PATCH GHSA Act Now

By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

Apache SQLi Log4J Snapmanager Brocade Sannav +25
NVD VulDB
CVSS 3.1
9.8
EPSS
9.5%
CVE-2022-23302 Maven HIGH PATCH This Week

JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Deserialization Apache Log4J Snapmanager +24
NVD VulDB
CVSS 3.1
8.8
EPSS
0.8%
CVE-2021-4104 Maven HIGH Act Now

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Epss exploitation probability 72.2% and no vendor patch available.

RCE Deserialization Apache Log4J Fedora +44
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
72.2%
CVE-2020-7760 npm HIGH POC PATCH This Week

This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Apache Denial Of Service Codemirror Application Express Enterprise Manager Express User Interface +3
NVD GitHub
CVSS 3.1
7.5
EPSS
5.2%
CVE-2019-2927 MEDIUM PATCH This Month

Vulnerability in the Hyperion Data Relationship Management product of Oracle Hyperion (component: Access and Security). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable.

Information Disclosure Oracle Hyperion Data Relationship Management
NVD
CVSS 3.1
6.4
EPSS
1.1%
CVE-2018-3208 HIGH PATCH This Week

Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and Security). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hyperion Data Relationship Management
NVD
CVSS 3.0
7.7
EPSS
2.0%
CVE-2018-2915 MEDIUM PATCH This Month

Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and security). Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hyperion Data Relationship Management
NVD
CVSS 3.0
5.8
EPSS
2.1%
CVE-2018-2610 MEDIUM PATCH This Month

Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and security). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hyperion Data Relationship Management
NVD
CVSS 3.0
5.3
EPSS
1.5%
EPSS 1% CVSS 6.6
MEDIUM This Month

Vulnerability in the Oracle Hyperion Data Relationship Management product of Oracle Hyperion (component: Web Services). Rated medium severity (CVSS 6.6), this vulnerability is remotely exploitable. No vendor patch available.

Authentication Bypass Oracle Hyperion Data Relationship Management
NVD
EPSS 0% CVSS 4.5
MEDIUM Monitor

Vulnerability in the Oracle Hyperion Data Relationship Management product of Oracle Hyperion (component: Access and Security). Rated medium severity (CVSS 4.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Hyperion Data Relationship Management
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

CVE-2020-9493 identified a deserialization issue that was present in Apache Chainsaw. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Apache Chainsaw +25
NVD VulDB
EPSS 9% CVSS 9.8
CRITICAL PATCH Act Now

By design, the JDBCAppender in Log4j 1.2.x accepts an SQL statement as a configuration parameter where the values to be inserted are converters from PatternLayout. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This SQL Injection vulnerability could allow attackers to execute arbitrary SQL commands against the database.

Apache SQLi Log4J +27
NVD VulDB
EPSS 1% CVSS 8.8
HIGH PATCH This Week

JMSSink in all versions of Log4j 1.x is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration or if the configuration references an LDAP. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Deserialization Apache +26
NVD VulDB
EPSS 72% CVSS 7.5
HIGH Act Now

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable. Epss exploitation probability 72.2% and no vendor patch available.

RCE Deserialization Apache +46
NVD GitHub VulDB
EPSS 5% CVSS 7.5
HIGH POC PATCH This Week

This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Apache Denial Of Service Codemirror +5
NVD GitHub
EPSS 1% CVSS 6.4
MEDIUM PATCH This Month

Vulnerability in the Hyperion Data Relationship Management product of Oracle Hyperion (component: Access and Security). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable.

Information Disclosure Oracle Hyperion Data Relationship Management
NVD
EPSS 2% CVSS 7.7
HIGH PATCH This Week

Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and Security). Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, low attack complexity.

Oracle Authentication Bypass Hyperion Data Relationship Management
NVD
EPSS 2% CVSS 5.8
MEDIUM PATCH This Month

Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and security). Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hyperion Data Relationship Management
NVD
EPSS 1% CVSS 5.3
MEDIUM PATCH This Month

Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and security). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hyperion Data Relationship Management
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy