VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
>
Oracle
>
Hyperion Infrastructure Technology
> Medium
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2021-12-18
CVE-2021-45105
Uncontrolled Recursion vulnerability in multiple products
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect from uncontrolled recursion from self-referential lookups.
network
high complexity
apache
netapp
debian
sonicwall
oracle
CWE-674
5.9
5.9
2021-07-21
CVE-2021-2445
Unspecified vulnerability in Oracle Hyperion Infrastructure Technology 11.2.5.0
Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion (component: Lifecycle Management).
network
high complexity
oracle
5.7
5.7
2021-07-21
CVE-2021-2347
Unspecified vulnerability in Oracle Hyperion Infrastructure Technology 11.2.5.0
Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion (component: Lifecycle Management).
network
low complexity
oracle
5.2
5.2
2021-03-19
CVE-2021-27906
A carefully crafted PDF file can trigger an OutOfMemory-Exception while loading the file.
local
low complexity
apache
fedoraproject
oracle
5.5
5.5
2021-03-19
CVE-2021-27807
Excessive Iteration vulnerability in multiple products
A carefully crafted PDF file can trigger an infinite loop while loading the file.
local
low complexity
apache
fedoraproject
oracle
CWE-834
5.5
5.5
2021-01-20
CVE-2021-1999
Unspecified vulnerability in Oracle products
Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems (component: RAS subsystems).
local
high complexity
oracle
5.0
5.0
2021-01-20
CVE-2021-1993
Unspecified vulnerability in Oracle products
Vulnerability in the Java VM component of Oracle Database Server.
network
high complexity
oracle
4.8
4.8
2020-11-28
CVE-2020-27218
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body.
network
high complexity
eclipse
netapp
oracle
apache
debian
4.8
4.8
2020-10-21
CVE-2020-14854
Unspecified vulnerability in Oracle Hyperion Infrastructure Technology 11.1.2.4
Vulnerability in the Hyperion Infrastructure Technology product of Oracle Hyperion (component: UI and Visualization).
network
low complexity
oracle
6.1
6.1
2020-09-19
CVE-2020-5421
In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.
network
high complexity
vmware
oracle
netapp
6.5
6.5
«
1
(current)
2
»
Next