Oracle Corporation Bi Publisher vulnerabilities
60 known vulnerabilities affecting oracle_corporation/bi_publisher.
Total CVEs
60
CISA KEV
1
actively exploited
Public exploits
3
Exploited in wild
2
Severity breakdown
CRITICAL1HIGH46MEDIUM13
Vulnerabilities
Page 1 of 3
CVE-2024-21082CRITICALCVSS 9.8v7.0.0.0.0v12.2.1.4.02024-04-16
CVE-2024-21082 [CRITICAL] CWE-611 CVE-2024-21082: Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Sup
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Supported versions that are affected are 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability can result in ta
cvelistv5nvd
CVE-2024-21083HIGHCVSS 7.2v7.0.0.0.0v12.2.1.4.02024-04-16
CVE-2024-21083 [HIGH] CWE-863 CVE-2024-21083: Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Script Engine). Su
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Script Engine). Supported versions that are affected are 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability can result in takeo
cvelistv5nvd
CVE-2024-21084MEDIUMCVSS 5.8v7.0.0.0.0v12.2.1.4.02024-04-16
CVE-2024-21084 [MEDIUM] CWE-284 CVE-2024-21084: Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway).
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway). Supported versions that are affected are 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI Publisher. While the vulnerability is in Oracle BI Publisher, attacks
cvelistv5nvd
CVE-2024-20980MEDIUMCVSS 5.4v6.4.0.0.0v7.0.0.0.02024-02-17
CVE-2024-20980 [MEDIUM] CVE-2024-20980: Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Suppo
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are 6.4.0.0.0 and 7.0.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks require human interaction from a person other than t
cvelistv5nvd
CVE-2024-20979MEDIUMCVSS 5.4v6.4.0.0.0v7.0.0.0.0+1 more2024-01-16
CVE-2024-20979 [MEDIUM] CWE-285 CVE-2024-20979: Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Suppo
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are 6.4.0.0.0, 7.0.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks require human interaction from a
cvelistv5nvd
CVE-2024-20987MEDIUMCVSS 5.4v12.2.1.4.02024-01-16
CVE-2024-20987 [MEDIUM] CVE-2024-20987: Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). The
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). The supported version that is affected is 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks require human interaction from a person other than the attacker a
cvelistv5nvd
CVE-2023-22105MEDIUMCVSS 5.4v6.4.0.0.0v7.0.0.0.02023-10-17
CVE-2023-22105 [MEDIUM] CVE-2023-22105: Vulnerability in the BI Publisher product of Oracle Analytics (component: Web Server). Supported ve
Vulnerability in the BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are 6.4.0.0.0 and 7.0.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise BI Publisher. Successful attacks require human interaction from a person other than the attacker an
cvelistv5nvd
CVE-2023-21941MEDIUMCVSS 4.3v6.4.0.0.0v12.2.1.4.02023-04-18
CVE-2023-21941 [MEDIUM] CVE-2023-21941: Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Suppo
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability can result in unauthorized re
cvelistv5nvd
CVE-2023-21970MEDIUMCVSS 5.7v6.4.0.0.02023-04-18
CVE-2023-21970 [MEDIUM] CVE-2023-21970: Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Security). The su
Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Security). The supported version that is affected is 6.4.0.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks require human interaction from a person other than the attacker. Su
cvelistv5nvd
CVE-2023-21846HIGHCVSS 8.8v5.9.0.0.0v6.4.0.0.0+1 more2023-01-18
CVE-2023-21846 [HIGH] CWE-284 CVE-2023-21846: Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security).
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Supported versions that are affected are 5.9.0.0.0, 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle BI Publisher. Successful attacks of this vulnera
cvelistv5nvd
CVE-2023-21832HIGHCVSS 8.8v5.9.0.0.0v6.4.0.0.0+1 more2023-01-18
CVE-2023-21832 [HIGH] CWE-284 CVE-2023-21832: Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security).
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Supported versions that are affected are 5.9.0.0.0, 6.4.0.0.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Oracle BI Publisher. Successful attacks of this vulnera
cvelistv5nvd
CVE-2022-21590HIGHCVSS 7.6v5.9.0.0v6.4.0.0.0+2 more2022-10-18
CVE-2022-21590 [HIGH] CVE-2022-21590: Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Core Format
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Core Formatting API). Supported versions that are affected are 5.9.0.0, 6.4.0.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnera
cvelistv5nvd
CVE-2022-21523MEDIUMCVSS 4.3v12.2.1.3.0v12.2.1.4.02022-07-19
CVE-2022-21523 [MEDIUM] CVE-2022-21523: Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publishe
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability can resul
cvelistv5nvd
CVE-2022-21346HIGHCVSS 7.5v5.5.0.0.0v12.2.1.3.0+1 more2022-01-19
CVE-2022-21346 [HIGH] CVE-2022-21346: Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publishe
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that are affected are 5.5.0.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability
cvelistv5nvd
CVE-2021-2391HIGHCVSS 8.8v5.5.0.0.0v11.1.1.9.0+2 more2021-07-21
CVE-2021-2391 [HIGH] CVE-2021-2391: Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Scheduler).
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Scheduler). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability ca
cvelistv5nvd
CVE-2021-2392HIGHCVSS 8.8v5.5.0.0.0v11.1.1.9.0+2 more2021-07-21
CVE-2021-2392 [HIGH] CVE-2021-2392: Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publishe
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vuln
cvelistv5nvd
CVE-2021-2400HIGHCVSS 7.5v5.5.0.0.0v11.1.1.9.0+2 more2021-07-21
CVE-2021-2400 [HIGH] CVE-2021-2400: Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vul
cvelistv5nvd
CVE-2021-2396HIGHCVSS 8.8v5.5.0.0.0v11.1.1.9.0+2 more2021-07-21
CVE-2021-2396 [HIGH] CVE-2021-2396: Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vuln
cvelistv5nvd
CVE-2021-2401MEDIUMCVSS 5.3v5.5.0.0.0v11.1.1.9.0+2 more2021-07-21
CVE-2021-2401 [MEDIUM] CWE-611 CVE-2021-2401: Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks o
cvelistv5nvd
CVE-2021-2013HIGHCVSS 7.6v5.5.0.0.0v11.1.1.9.0+2 more2021-01-20
CVE-2021-2013 [HIGH] CVE-2021-2013: Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publishe
Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that are affected are 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vuln
cvelistv5nvd
1 / 3Next →