Hyperion Financial Reporting

DATE	CVE	VULNERABILITY TITLE	RISK
2021-10-20	CVE-2021-35665	Unspecified vulnerability in Oracle Hyperion Financial Reporting 11.2.6.0 Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). network low complexity oracle	6.1
2021-03-19	CVE-2021-27906	A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. local low complexity apache fedoraproject oracle	5.5
2021-03-19	CVE-2021-27807	Excessive Iteration vulnerability in multiple products A carefully crafted PDF file can trigger an infinite loop while loading the file. local low complexity apache fedoraproject oracle CWE-834	5.5
2020-11-12	CVE-2019-17566	Server-Side Request Forgery (SSRF) vulnerability in multiple products Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. network low complexity apache oracle CWE-918	7.5
2020-04-29	CVE-2020-11023	Cross-site Scripting vulnerability in multiple products In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. network low complexity jquery debian fedoraproject drupal oracle netapp tenable CWE-79	6.1
2020-04-15	CVE-2020-2769	Unspecified vulnerability in Oracle Hyperion Financial Reporting 11.1.2.4 Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Web Based Report Designer). network low complexity oracle	2.4
2019-10-16	CVE-2019-2959	Unspecified vulnerability in Oracle Hyperion Financial Reporting 11.1.2.4 Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Security Models). network high complexity oracle	4.2
2019-04-17	CVE-2019-0228	XXE vulnerability in multiple products Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF. network low complexity apache fedoraproject oracle CWE-611 critical	9.8
2018-07-18	CVE-2018-2907	Unspecified vulnerability in Oracle Hyperion Financial Reporting 11.1.2 Vulnerability in the Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Security Models). network low complexity oracle	8.6
2017-10-19	CVE-2017-10358	Unspecified vulnerability in Oracle Hyperion Financial Reporting 11.1.2 Vulnerability in the Oracle Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Workspace). network low complexity oracle	6.4