Vulnerabilities > Oracle > BI Publisher > 11.1.1.9.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-15 | CVE-2020-14585 | Cross-site Scripting vulnerability in Oracle BI Publisher 11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). | 8.2 |
| 2020-07-15 | CVE-2020-14571 | Unspecified vulnerability in Oracle BI Publisher 11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). | 7.2 |
| 2020-07-15 | CVE-2020-14570 | Unspecified vulnerability in Oracle BI Publisher 11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). | 7.1 |
| 2019-11-08 | CVE-2019-10219 | A vulnerability was found in Hibernate-Validator. | 6.1 |
| 2019-10-16 | CVE-2019-2898 | Unspecified vulnerability in Oracle BI Publisher 11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Vulnerability in the BI Publisher (formerly XML Publisher) product of Oracle Fusion Middleware (component: BI Publisher Security). | 4.3 |
| 2019-07-23 | CVE-2019-2771 | Unspecified vulnerability in Oracle BI Publisher 11.1.1.9.0 Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). | 8.2 |
| 2019-07-23 | CVE-2019-2768 | Unspecified vulnerability in Oracle BI Publisher 11.1.1.9.0 Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). | 7.5 |
| 2019-07-23 | CVE-2019-2767 | Unspecified vulnerability in Oracle BI Publisher 11.1.1.9.0 Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). | 7.2 |
| 2017-04-17 | CVE-2017-5645 | Deserialization of Untrusted Data vulnerability in multiple products In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another application, a specially crafted binary payload can be sent that, when deserialized, can execute arbitrary code. | 9.8 |