Vulnerabilities > Oracle > Business Intelligence > 12.2.1.4.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-15 | CVE-2020-2531 | Unspecified vulnerability in Oracle Business Intelligence 12.2.1.3.0/12.2.1.4.0 Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: BI Platform Security). | 3.1 |
| 2020-01-02 | CVE-2019-14862 | There is a vulnerability in knockout before version 3.5.0-beta, where after escaping the context of the web application, the web application delivers data to its users along with other trusted dynamic content, without validating it. | 6.1 |
| 2019-11-08 | CVE-2019-10219 | A vulnerability was found in Hibernate-Validator. | 6.1 |
| 2019-10-16 | CVE-2019-3012 | Unspecified vulnerability in Oracle Business Intelligence 11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: BI Platform Security). | 5.3 |
| 2019-10-16 | CVE-2019-2905 | Unspecified vulnerability in Oracle Business Intelligence 12.2.1.3.0/12.2.1.4.0 Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Installation). | 8.6 |
| 2019-10-16 | CVE-2019-2900 | Unspecified vulnerability in Oracle Business Intelligence 12.2.1.3.0/12.2.1.4.0 Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions). | 7.5 |
| 2019-10-16 | CVE-2019-2897 | Unspecified vulnerability in Oracle products Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions). | 6.4 |
| 2019-04-23 | CVE-2019-2605 | Unspecified vulnerability in Oracle Business Intelligence 11.1.1.9.0/12.2.1.3.0/12.2.1.4.0 Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Web Catalog). | 3.4 |
| 2019-02-27 | CVE-2019-1559 | Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. | 5.9 |
| 2018-05-24 | CVE-2018-8013 | Deserialization of Untrusted Data vulnerability in multiple products In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. | 9.8 |