Vulnerabilities > Oracle > Hyperion Financial Reporting
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-20 | CVE-2021-35665 | Unspecified vulnerability in Oracle Hyperion Financial Reporting 11.2.6.0 Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). network oracle | 5.8 |
| 2021-03-19 | CVE-2021-27906 | A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file. | 5.5 |
| 2021-03-19 | CVE-2021-27807 | Excessive Iteration vulnerability in multiple products A carefully crafted PDF file can trigger an infinite loop while loading the file. | 5.5 |
| 2020-11-12 | CVE-2019-17566 | Server-Side Request Forgery (SSRF) vulnerability in multiple products Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. | 7.5 |
| 2020-04-29 | CVE-2020-11023 | Cross-site Scripting vulnerability in multiple products In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. | 6.1 |
| 2020-04-15 | CVE-2020-2769 | Unspecified vulnerability in Oracle Hyperion Financial Reporting 11.1.2.4 Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Web Based Report Designer). network oracle | 3.5 |
| 2019-10-16 | CVE-2019-2959 | Unspecified vulnerability in Oracle Hyperion Financial Reporting 11.1.2.4 Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Security Models). | 2.1 |
| 2019-04-17 | CVE-2019-0228 | XXE vulnerability in multiple products Apache PDFBox 2.0.14 does not properly initialize the XML parser, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted XFDF. | 9.8 |
| 2018-07-18 | CVE-2018-2907 | Unspecified vulnerability in Oracle Hyperion Financial Reporting 11.1.2 Vulnerability in the Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Security Models). | 5.0 |
| 2017-10-19 | CVE-2017-10358 | Unspecified vulnerability in Oracle Hyperion Financial Reporting 11.1.2 Vulnerability in the Oracle Hyperion Financial Reporting component of Oracle Hyperion (subcomponent: Workspace). | 5.5 |