Oracle Business Intelligence Publisher vulnerabilities
39 known vulnerabilities affecting oracle/business_intelligence_publisher.
Total CVEs
39
CISA KEV
1
actively exploited
Public exploits
3
Exploited in wild
1
Severity breakdown
HIGH32MEDIUM6LOW1
Vulnerabilities
Page 2 of 2
CVE-2018-2925MEDIUMCVSS 6.5v11.1.1.7.0v11.1.1.9.0+2 more2018-07-18
CVE-2018-2925 [MEDIUM] CVE-2018-2925: Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server).
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise BI Publisher. Successful attacks of this vulnerability can resu
nvd
CVE-2017-10037HIGHCVSS 7.5v11.1.1.7.0v11.1.1.9.02017-10-19
CVE-2017-10037 [HIGH] CWE-200 CVE-2017-10037: Vulnerability in the Oracle BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Se
Vulnerability in the Oracle BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Service API). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability can
nvd
CVE-2017-10034HIGHCVSS 8.2v11.1.1.7.0v11.1.1.9.02017-10-19
CVE-2017-10034 [HIGH] CVE-2017-10034: Vulnerability in the Oracle BI Publisher component of Oracle Fusion Middleware (subcomponent: Core F
Vulnerability in the Oracle BI Publisher component of Oracle Fusion Middleware (subcomponent: Core Formatting API). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks require human interaction fro
nvd
CVE-2017-10035HIGHCVSS 8.2v11.1.1.7.0v11.1.1.9.02017-08-08
CVE-2017-10035 [HIGH] CVE-2017-10035: Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server).
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks require human interaction from a person other than th
nvd
CVE-2017-10029HIGHCVSS 8.2v11.1.1.7.02017-08-08
CVE-2017-10029 [HIGH] CVE-2017-10029: Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server).
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks require human interaction from a person other than the attacker and
nvd
CVE-2017-10024HIGHCVSS 8.2v11.1.1.7.02017-08-08
CVE-2017-10024 [HIGH] CVE-2017-10024: Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Layout Tools)
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Layout Tools). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks require human interaction from a person other than the attacker
nvd
CVE-2017-10028HIGHCVSS 8.2v11.1.1.7.02017-08-08
CVE-2017-10028 [HIGH] CVE-2017-10028: Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server).
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks require human interaction from a person other than the attacker and
nvd
CVE-2017-10059HIGHCVSS 7.6v11.1.1.7.02017-08-08
CVE-2017-10059 [HIGH] CVE-2017-10059: Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Mobile Servic
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Mobile Service). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise BI Publisher. Successful attacks require human interaction from a person other than the attacker
nvd
CVE-2017-10025HIGHCVSS 8.2v11.1.1.7.02017-08-08
CVE-2017-10025 [HIGH] CVE-2017-10025: Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks of this vulnerability can result in unauthorized access
nvd
CVE-2017-10156HIGHCVSS 8.2v11.1.1.7.0v11.1.1.9.0+2 more2017-08-08
CVE-2017-10156 [HIGH] CVE-2017-10156: Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks require human inte
nvd
CVE-2017-10043HIGHCVSS 8.2v11.1.1.7.0v11.1.1.9.02017-08-08
CVE-2017-10043 [HIGH] CVE-2017-10043: Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Supported versions that are affected are 11.1.1.7.0 and 11.1.1.9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks require human interaction from a person ot
nvd
CVE-2017-10030HIGHCVSS 8.2v11.1.1.7.02017-08-08
CVE-2017-10030 [HIGH] CVE-2017-10030: Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server).
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). The supported version that is affected is 11.1.1.7.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks require human interaction from a person other than the attacker and
nvd
CVE-2017-10041HIGHCVSS 7.6v11.1.1.9.0v12.2.1.1.0+1 more2017-08-08
CVE-2017-10041 [HIGH] CVE-2017-10041: Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server).
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: Web Server). Supported versions that are affected are 11.1.1.9.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise BI Publisher. Successful attacks require human interaction from a person ot
nvd
CVE-2017-10157MEDIUMCVSS 6.5v11.1.1.7.0v11.1.1.9.0+2 more2017-08-08
CVE-2017-10157 [MEDIUM] CVE-2017-10157: Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher
Vulnerability in the BI Publisher component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Supported versions that are affected are 11.1.1.7.0, 11.1.1.9.0, 12.2.1.1.0 and 12.2.1.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise BI Publisher. Successful attacks of this vulnerab
nvd
CVE-2016-3473HIGHCVSS 7.7PoCv11.1.1.7.0v11.1.1.9.0+1 more2016-10-25
CVE-2016-3473 [HIGH] CWE-200 CVE-2016-3473: Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Mi
Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors.
nvd
CVE-2016-3432MEDIUMCVSS 5.4v11.1.1.7.0v11.1.1.9.02016-07-21
CVE-2016-3432 [MEDIUM] CVE-2016-3432: Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Mi
Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Web Server.
nvd
CVE-2016-3474LOWCVSS 3.7v11.1.1.7.0v11.1.1.9.0+1 more2016-07-21
CVE-2016-3474 [LOW] CVE-2016-3474: Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Mi
Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality via vectors related to Security.
nvd
CVE-2016-0614MEDIUMCVSS 4.0v11.1.1.7.0v11.1.1.9.0+1 more2016-01-21
CVE-2016-0614 [MEDIUM] CVE-2016-0614: Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.
Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors.
nvd
CVE-2014-3576HIGHCVSS 7.5v12.2.1.0.02015-08-14
CVE-2014-3576 [HIGH] CWE-264 CVE-2014-3576: The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11
The processControlCommand function in broker/TransportConnection.java in Apache ActiveMQ before 5.11.0 allows remote attackers to cause a denial of service (shutdown) via a shutdown command.
nvd
← Previous2 / 2