12.2.1.3.0

DATE	CVE	VULNERABILITY TITLE	RISK
2018-05-24	CVE-2018-8013	Deserialization of Untrusted Data vulnerability in multiple products In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. network low complexity apache debian canonical oracle CWE-502 critical	9.8
2018-01-18	CVE-2018-2715	Unspecified vulnerability in Oracle Business Intelligence 12.2.1.2.0/12.2.1.3.0 Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: BI Platform Security). network low complexity oracle	6.5
2018-01-18	CVE-2017-10068	Unspecified vulnerability in Oracle Business Intelligence 12.2.1.3.0 Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web Dashboards). network low complexity oracle	8.2
2017-03-15	CVE-2016-7103	Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. network low complexity jqueryui oracle fedoraproject netapp redhat juniper debian CWE-79	6.1