Skip to main content

Hyperion Financial Reporting

11 CVEs product

Monthly

CVE-2021-35665 MEDIUM PATCH This Month

Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hyperion Financial Reporting
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2021-27906 Maven MEDIUM PATCH This Month

A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file.0.22 and prior 2.0.x versions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Apache Information Disclosure Pdfbox Fedora Banking Corporate Lending Process Management +16
NVD
CVSS 3.1
5.5
EPSS
3.3%
CVE-2021-27807 Maven MEDIUM PATCH This Month

A carefully crafted PDF file can trigger an infinite loop while loading the file.0.22 and prior 2.0.x versions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Apache Denial Of Service Pdfbox Fedora Banking Trade Finance Process Management +12
NVD
CVSS 3.1
5.5
EPSS
3.0%
CVE-2020-11023 LIB MEDIUM POC KEV PATCH THREAT This Month

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Jquery Debian Linux Fedora Drupal +48
NVD GitHub Exploit-DB
CVSS 3.1
6.1
EPSS
83.8%
CVE-2020-2769 LOW Monitor

Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Web Based Report Designer). Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Hyperion Financial Reporting
NVD
CVSS 3.1
2.4
EPSS
0.9%
CVE-2019-2959 MEDIUM PATCH This Month

Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Security Models). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable.

Authentication Bypass Oracle Hyperion Financial Reporting
NVD
CVSS 3.1
4.2
EPSS
1.0%
CVE-2019-0228 Maven CRITICAL PATCH Act Now

Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Apache Pdfbox James Fedora +11
NVD
CVSS 3.1
9.8
EPSS
9.5%
CVE-2018-2907 HIGH PATCH This Week

Vulnerability in the Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Security Models). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hyperion Financial Reporting
NVD
CVSS 3.0
8.6
EPSS
2.7%
CVE-2017-10358 MEDIUM PATCH This Month

Vulnerability in the Oracle Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Workspace). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Hyperion Financial Reporting
NVD
CVSS 3.0
6.4
EPSS
0.2%
CVE-2017-10310 HIGH PATCH This Week

Vulnerability in the Oracle Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Security Models). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Authentication Bypass Information Disclosure Hyperion Financial Reporting
NVD
CVSS 3.0
7.5
EPSS
2.0%
CVE-2016-3493 CRITICAL PATCH Act Now

Unspecified vulnerability in the Hyperion Financial Reporting component in Oracle Hyperion 11.1.2.4 allows remote attackers to affect confidentiality, integrity, and availability via vectors related. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Hyperion Financial Reporting
NVD
CVSS 3.0
9.8
EPSS
3.4%
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hyperion Financial Reporting
NVD
EPSS 3% CVSS 5.5
MEDIUM PATCH This Month

A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file.0.22 and prior 2.0.x versions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Apache Information Disclosure Pdfbox +18
NVD
EPSS 3% CVSS 5.5
MEDIUM PATCH This Month

A carefully crafted PDF file can trigger an infinite loop while loading the file.0.22 and prior 2.0.x versions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity.

Apache Denial Of Service Pdfbox +14
NVD
EPSS 84% CVSS 6.1
MEDIUM POC KEV PATCH THREAT This Month

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

XSS Jquery Debian Linux +50
NVD GitHub Exploit-DB
EPSS 1% CVSS 2.4
LOW Monitor

Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Web Based Report Designer). Rated low severity (CVSS 2.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Oracle Authentication Bypass Hyperion Financial Reporting
NVD
EPSS 1% CVSS 4.2
MEDIUM PATCH This Month

Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Security Models). Rated medium severity (CVSS 4.2), this vulnerability is remotely exploitable.

Authentication Bypass Oracle Hyperion Financial Reporting
NVD
EPSS 9% CVSS 9.8
CRITICAL PATCH Act Now

Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Apache Pdfbox +13
NVD
EPSS 3% CVSS 8.6
HIGH PATCH This Week

Vulnerability in the Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Security Models). Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hyperion Financial Reporting
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Workspace). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Hyperion Financial Reporting
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Vulnerability in the Oracle Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Security Models). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Oracle Authentication Bypass Information Disclosure +1
NVD
EPSS 3% CVSS 9.8
CRITICAL PATCH Act Now

Unspecified vulnerability in the Hyperion Financial Reporting component in Oracle Hyperion 11.1.2.4 allows remote attackers to affect confidentiality, integrity, and availability via vectors related. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Oracle Hyperion Financial Reporting
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy