Vulnerabilities > Oracle > Business Intelligence > 12.2.1.4.0

DATE CVE VULNERABILITY TITLE RISK
2020-12-08 CVE-2020-1971 NULL Pointer Dereference vulnerability in multiple products
The X.509 GeneralName type is a generic type for representing different types of names. 		5.9
5.9
2020-11-12 CVE-2019-17566 Server-Side Request Forgery (SSRF) vulnerability in multiple products
Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes.
network
low complexity
apache oracle CWE-918
7.5
7.5
2020-11-12 CVE-2020-13954 Cross-site Scripting vulnerability in multiple products
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses.
network
low complexity
apache netapp oracle CWE-79
6.1
6.1
2020-10-21 CVE-2020-14864 Path Traversal vulnerability in Oracle Business Intelligence 12.2.1.3.0/12.2.1.4.0/5.5.0.0.0
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Installation).
network
low complexity
oracle CWE-22
7.8
7.8
2020-10-21 CVE-2020-14843 Unspecified vulnerability in Oracle Business Intelligence 12.2.1.3.0/12.2.1.4.0/5.5.0.0.0
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions).
network
oracle
6.8
6.8
2020-10-21 CVE-2020-14815 Unspecified vulnerability in Oracle Business Intelligence 12.2.1.3.0/12.2.1.4.0/5.5.0.0.0
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions).
network
oracle
5.8
5.8
2020-10-21 CVE-2020-14766 Unspecified vulnerability in Oracle Business Intelligence
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web Administration).
network
low complexity
oracle
5.5
5.5
2020-07-15 CVE-2020-14690 Unspecified vulnerability in Oracle Business Intelligence
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions).
network
oracle
5.8
5.8
2020-07-15 CVE-2020-14626 Unspecified vulnerability in Oracle Business Intelligence
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web General).
network
oracle
6.8
6.8
2020-07-15 CVE-2020-14609 Unspecified vulnerability in Oracle Business Intelligence
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Web Answers).
network
low complexity
oracle
7.5
7.5