cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-21083,https://securityvulnerability.io/vulnerability/CVE-2024-21083,Vulnerability in Oracle BI Publisher product of Oracle Analytics,"A high-privilege attacker with network access via HTTP can exploit a vulnerability in the Oracle BI Publisher component of Oracle Analytics. This vulnerability affects versions 7.0.0.0.0 and 12.2.1.4.0, allowing attackers to gain control over the Oracle BI Publisher system. Successful exploitation can lead to unauthorized access to sensitive data, potentially compromising the confidentiality, integrity, and availability of the BI Publisher service. Organizations using these versions are advised to apply necessary security patches to mitigate the risk.",Oracle,Bi Publisher (formerly Xml Publisher),7.2,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2024-20980,https://securityvulnerability.io/vulnerability/CVE-2024-20980,Oracle BI Publisher Vulnerability Allows Low-Privileged Attacks on Data,"A vulnerability exists within the Oracle BI Publisher component of Oracle Analytics, specifically affecting versions 6.4.0.0.0 and 7.0.0.0.0. This vulnerability can be exploited by a low-privileged attacker who has network access through HTTP, requiring human interaction for successful exploitation. Although directly related to Oracle BI Publisher, the implications of this vulnerability extend to other products, highlighting a significant scope change. Successful exploitation can lead to unauthorized operations, impacting both the confidentiality and integrity of accessible data, allowing malicious actors to perform updates, inserts, or deletions, as well as gain unauthorized read access to data within Oracle BI Publisher.",Oracle,BI Publisher (formerly XML Publisher),5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-02-17T01:50:21.994Z,0
CVE-2024-20987,https://securityvulnerability.io/vulnerability/CVE-2024-20987,Web Server Vulnerability in Oracle Analytics BI Publisher,"A vulnerability exists in the Oracle BI Publisher component of Oracle Analytics, which may allow a low-privilege attacker with network access via HTTP to compromise the system. Successful exploitation requires user interaction from someone other than the attacker, and while it primarily affects Oracle BI Publisher, the consequences can extend to additional products. Attackers could gain unauthorized access to update, insert, or delete data within Oracle BI Publisher and read certain accessible data unauthorizedly. This vulnerability demonstrates the need for enhanced security measures and awareness of potential attacks against web server components.",Oracle,BI Publisher (formerly XML Publisher),5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-01-16T21:41:26.007Z,0
CVE-2024-20979,https://securityvulnerability.io/vulnerability/CVE-2024-20979,Server Vulnerability in Oracle Analytics' BI Publisher Product,"A vulnerability has been identified in Oracle BI Publisher, which is part of Oracle Analytics, that allows low privileged attackers with network access via HTTP to exploit the system. This vulnerability is concerning as it allows unauthorized actions, including updates and reads of sensitive data. Attackers may require human interaction to launch a successful exploit, expanding the potential impact beyond just Oracle BI Publisher itself. This vulnerability might lead to significant implications for any data handled by the accessible version of Oracle BI Publisher.",Oracle,BI Publisher (formerly XML Publisher),5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-01-16T21:41:24.760Z,0
CVE-2023-22105,https://securityvulnerability.io/vulnerability/CVE-2023-22105,Vulnerability in BI Publisher Product of Oracle Analytics,"The BI Publisher component of Oracle Analytics is vulnerable to exploitation by low privileged attackers with network access via HTTP. This vulnerability is easily exploitable and requires human interaction from an individual other than the attacker. Compromise of BI Publisher can lead to unauthorized update, insert, or delete operations to accessible data, as well as potential unauthorized reading of sensitive data. Although the vulnerability exists primarily within BI Publisher, the implications of successful attacks may extend to other connected products, resulting in significant scope changes and data integrity concerns.",Oracle,Bi Publisher (formerly Xml Publisher),5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-10-17T22:15:00.000Z,0
CVE-2023-21970,https://securityvulnerability.io/vulnerability/CVE-2023-21970,Security Vulnerability in Oracle BI Publisher of Oracle Analytics,"A vulnerability exists in the Oracle BI Publisher component of Oracle Analytics that can be exploited by a low privileged attacker with network access via HTTP. This vulnerability allows unauthorized access to sensitive data and could lead to complete access to all data accessible through Oracle BI Publisher. Successful exploitation requires human interaction from an individual other than the attacker, raising concerns about data confidentiality and access control. Organizations must take precautionary measures to mitigate such risks and protect sensitive information.",Oracle,Bi Publisher (formerly Xml Publisher),5.7,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2023-21941,https://securityvulnerability.io/vulnerability/CVE-2023-21941,Web Server Vulnerability in Oracle BI Publisher by Oracle,"An exploitable vulnerability exists in the Web Server component of Oracle BI Publisher, which is part of Oracle Analytics. This issue allows a low privileged attacker with network access to exploit the vulnerability via HTTP. Successful exploitation can lead to unauthorized read access to specific data within the Oracle BI Publisher system, posing a significant risk to data confidentiality.",Oracle,Bi Publisher (formerly Xml Publisher),4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2023-21846,https://securityvulnerability.io/vulnerability/CVE-2023-21846,Exploitable Vulnerability in Oracle BI Publisher by Oracle,"An exploitable security vulnerability exists in Oracle BI Publisher, part of Oracle Fusion Middleware. This issue affects versions 5.9.0.0.0, 6.4.0.0.0, and 12.2.1.4.0, allowing low privileged attackers with network access through various protocols to potentially compromise the system. A successful exploitation can result in unauthorized control of the Oracle BI Publisher, leading to significant risks to confidentiality, integrity, and availability.",Oracle,BI Publisher (formerly XML Publisher),8.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-01-18T00:15:00.000Z,0
CVE-2023-21832,https://securityvulnerability.io/vulnerability/CVE-2023-21832,Security Flaw in Oracle BI Publisher by Oracle,"A security vulnerability in Oracle BI Publisher allows a low-privileged attacker with network access to exploit the system via multiple protocols. This issue affects various supported versions and could lead to unauthorized takeover of Oracle BI Publisher, thereby compromising the confidentiality, integrity, and availability of sensitive data.",Oracle,BI Publisher (formerly XML Publisher),8.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-01-18T00:15:00.000Z,0
CVE-2022-21590,https://securityvulnerability.io/vulnerability/CVE-2022-21590,Vulnerability in Oracle BI Publisher Affects Oracle Fusion Middleware,"This vulnerability in Oracle BI Publisher, part of Oracle Fusion Middleware’s Core Formatting API, permits low-privileged attackers with network access to exploit it through HTTP. A successful exploit can lead to unauthorized access to sensitive data, allowing attackers to view, update, insert, or delete information within Oracle BI Publisher. Additionally, the vulnerability poses the risk of a partial denial of service, compromising the availability of the service. It is crucial for users running the affected versions to apply security updates promptly to safeguard their data integrity and confidentiality.",Oracle,Bi Publisher (formerly Xml Publisher),7.6,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-10-18T00:00:00.000Z,0
CVE-2022-21523,https://securityvulnerability.io/vulnerability/CVE-2022-21523,Vulnerability in Oracle BI Publisher Security Component of Oracle Fusion Middleware,"An exploitable vulnerability exists in the Oracle BI Publisher component of Oracle Fusion Middleware, affecting versions 12.2.1.3.0 and 12.2.1.4.0. A low privileged attacker with network access via HTTP can compromise Oracle BI Publisher, leading to unauthorized read access to a portion of the data. This poses a significant risk to organizations relying on this platform for sensitive data management.",Oracle,Bi Publisher (formerly Xml Publisher),4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:07:04.000Z,0
CVE-2022-21346,https://securityvulnerability.io/vulnerability/CVE-2022-21346,Unauthenticated Access Vulnerability in Oracle BI Publisher by Oracle,"This vulnerability in Oracle BI Publisher within the Oracle Fusion Middleware allows an unauthenticated attacker with network access via HTTP to exploit the system. Successful exploitation can lead to unauthorized access to sensitive data stored in Oracle BI Publisher, potentially compromising the confidentiality of crucial business information.",Oracle,Bi Publisher (formerly Xml Publisher),7.5,HIGH,0.0012199999764561653,false,,false,false,false,,,false,false,,2022-01-19T11:25:10.000Z,0
CVE-2021-2401,https://securityvulnerability.io/vulnerability/CVE-2021-2401,Unauthorized Data Access in Oracle BI Publisher from Oracle Fusion Middleware,"An unauthenticated attacker with network access can exploit a vulnerability in Oracle BI Publisher, which is part of Oracle Fusion Middleware, to gain unauthorized read access to specific data. This issue affects several supported versions of the software, potentially exposing sensitive information to attackers without requiring authentication.",Oracle,Bi Publisher (formerly Xml Publisher),5.3,MEDIUM,0.011180000379681587,false,,false,false,false,,,false,false,,2021-07-20T22:44:15.000Z,0
CVE-2021-2400,https://securityvulnerability.io/vulnerability/CVE-2021-2400,Authorization Bypass in Oracle BI Publisher by Oracle Corporation,"Oracle BI Publisher, part of Oracle Fusion Middleware, has a vulnerability that allows an unauthenticated attacker with network access via HTTP to gain unauthorized entry. This security flaw can lead to access to critical data stored within Oracle BI Publisher, posing significant risks to sensitive information. Organizations using affected versions should prioritize applying available security patches to mitigate potential breaches.",Oracle,Bi Publisher (formerly Xml Publisher),7.5,HIGH,0.005049999803304672,false,,false,false,false,,,false,false,,2021-07-20T22:44:14.000Z,0
CVE-2021-2396,https://securityvulnerability.io/vulnerability/CVE-2021-2396,Vulnerability in Oracle BI Publisher from Oracle Fusion Middleware,"The vulnerability in Oracle BI Publisher, part of Oracle Fusion Middleware, allows low-privileged attackers with network access via HTTP to exploit the system. Affected versions include 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0. Successful exploitation could lead to a complete takeover of Oracle BI Publisher, posing significant risks to the confidentiality, integrity, and availability of the system.",Oracle,Bi Publisher (formerly Xml Publisher),8.8,HIGH,0.06870999932289124,false,,false,false,false,,,false,false,,2021-07-20T22:44:10.000Z,0
CVE-2021-2392,https://securityvulnerability.io/vulnerability/CVE-2021-2392,Security Flaw in Oracle Fusion Middleware's BI Publisher Product,"An exploitable security flaw in Oracle BI Publisher allows an attacker with limited privileges to compromise the system through HTTP access. This vulnerability can lead to complete control over the Oracle BI Publisher, affecting confidentiality, integrity, and availability of the system.",Oracle,Bi Publisher (formerly Xml Publisher),8.8,HIGH,0.08173999935388565,false,,false,false,false,,,false,false,,2021-07-20T22:44:06.000Z,0
CVE-2021-2391,https://securityvulnerability.io/vulnerability/CVE-2021-2391,Exploitable Vulnerability in Oracle BI Publisher by Oracle,"An exploitable vulnerability exists in Oracle BI Publisher, part of Oracle Fusion Middleware, specifically within the Scheduler component. This vulnerability affects various supported versions and allows low privileged attackers with network access via HTTP to compromise Oracle BI Publisher. Successful exploitation could enable attackers to take control of the affected instances, leading to potential unauthorized access and control over sensitive data and functionalities.",Oracle,Bi Publisher (formerly Xml Publisher),8.8,HIGH,0.08173999935388565,false,,false,false,false,,,false,false,,2021-07-20T22:44:05.000Z,0
CVE-2021-2062,https://securityvulnerability.io/vulnerability/CVE-2021-2062,Unauthorized Access Vulnerability in Oracle BI Publisher by Oracle,"An exploitable vulnerability exists in Oracle BI Publisher, part of Oracle Fusion Middleware’s web server component, which allows an attacker with low privileges to compromise the product. Successful exploitation requires human interaction from a victim but can lead to unauthorized access to sensitive data and potentially allow attackers to update, insert or delete data within the affected Oracle BI Publisher instances. This vulnerability can have far-reaching impacts, affecting additional connected products and services.",Oracle,Bi Publisher (formerly Xml Publisher),7.6,HIGH,0.0007099999929778278,false,,false,false,false,,,false,false,,2021-01-20T14:50:06.000Z,0
CVE-2021-2051,https://securityvulnerability.io/vulnerability/CVE-2021-2051,Vulnerability in Oracle BI Publisher from Oracle Fusion Middleware,"An easily exploitable vulnerability exists in Oracle BI Publisher within the Oracle Fusion Middleware, specifically impacting various versions. This flaw permits low privileged attackers with network access via HTTP to compromise the system. Successful exploitation could lead to unauthorized access to sensitive data and enable attackers to update, insert, or delete data within Oracle BI Publisher. Furthermore, it poses a risk of partial denial of service, impacting the availability of the product. Organizations using the affected versions should take immediate action to mitigate potential threats.",Oracle,Bi Publisher (formerly Xml Publisher),7.6,HIGH,0.0008800000068731606,false,,false,false,false,,,false,false,,2021-01-20T14:50:05.000Z,0
CVE-2021-2050,https://securityvulnerability.io/vulnerability/CVE-2021-2050,Unauthorized Data Access in Oracle BI Publisher by Oracle,"A vulnerability exists in the Oracle BI Publisher component of Oracle Fusion Middleware that allows a low privileged attacker with network access via HTTP to compromise the system. Successful exploitation of this flaw can lead to unauthorized access to sensitive data, complete control over accessible information within Oracle BI Publisher, and unauthorized modifications—including updates, insertions, or deletions—to the data. Furthermore, this vulnerability can potentially facilitate a partial denial of service, disrupting the availability of Oracle BI Publisher for legitimate users.",Oracle,Bi Publisher (formerly Xml Publisher),7.6,HIGH,0.0008800000068731606,false,,false,false,false,,,false,false,,2021-01-20T14:50:05.000Z,0
CVE-2021-2049,https://securityvulnerability.io/vulnerability/CVE-2021-2049,Vulnerability in Oracle BI Publisher of Oracle Fusion Middleware,"The vulnerability in Oracle BI Publisher, part of Oracle Fusion Middleware, permits a low-privileged attacker with network access via HTTP to exploit the system. Successful exploitation may lead to unauthorized access to sensitive data and the ability to perform unauthorized operations such as updates and deletions on the accessible data in Oracle BI Publisher. Furthermore, this vulnerability can result in a Partial Denial of Service, affecting the availability of the system. It’s crucial for organizations using affected versions to apply security updates promptly to safeguard their data.",Oracle,Bi Publisher (formerly Xml Publisher),7.6,HIGH,0.0008800000068731606,false,,false,false,false,,,false,false,,2021-01-20T14:50:05.000Z,0
CVE-2021-2013,https://securityvulnerability.io/vulnerability/CVE-2021-2013,Security Flaw in Oracle BI Publisher by Oracle,"An improper access control vulnerability exists in Oracle BI Publisher within Oracle Fusion Middleware, allowing low privileged attackers with network access via HTTP to compromise the system. Affected versions include 5.5.0.0.0, 11.1.1.9.0, 12.2.1.3.0, and 12.2.1.4.0. Successful exploitation can lead to unauthorized access to sensitive data and enable attackers to alter, insert, or delete records. Additionally, it can cause a partial denial of service, impacting the availability of the Oracle BI Publisher service.",Oracle,Bi Publisher (formerly Xml Publisher),7.6,HIGH,0.0008800000068731606,false,,false,false,false,,,false,false,,2021-01-20T14:50:01.000Z,0
CVE-2020-14880,https://securityvulnerability.io/vulnerability/CVE-2020-14880,Unauthorized Data Access Vulnerability in Oracle Fusion Middleware BI Publisher,"An exploit in the BI Publisher component of Oracle Fusion Middleware allows attackers with low privileges and network access to compromise sensitive data. Although primarily affecting BI Publisher, successful exploitation could lead to unauthorized access to crucial data across other linked products. This vulnerability enables attackers to update, insert, or delete information, significantly jeopardizing data integrity and confidentiality.",Oracle,Bi Publisher (formerly Xml Publisher),8.5,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2020-10-21T14:04:30.000Z,0
CVE-2020-14879,https://securityvulnerability.io/vulnerability/CVE-2020-14879,Oracle Fusion Middleware - BI Publisher Vulnerability,"The BI Publisher component of Oracle Fusion Middleware contains a vulnerability that can be easily exploited by low-privileged attackers with network access via HTTP. Although specifically within BI Publisher, exploitation of this vulnerability can have far-reaching consequences, impacting not just the BI Publisher but potentially other associated products. Attackers leveraging this flaw may gain unauthorized access to sensitive data, and they might be able to perform unauthorized updates, inserts, or deletions on accessible data within BI Publisher, threatening data confidentiality and integrity.",Oracle,Bi Publisher (formerly Xml Publisher),8.5,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2020-10-21T14:04:30.000Z,0
CVE-2020-14842,https://securityvulnerability.io/vulnerability/CVE-2020-14842,Unauthenticated Access Vulnerability in Oracle Fusion Middleware's BI Publisher,"A vulnerability exists in the BI Publisher component of Oracle Fusion Middleware that allows unauthenticated attackers with network access via HTTP to exploit the system. While direct attacks are possible, successful exploitation may necessitate human interaction from a third party. The impact of this vulnerability can facilitate unauthorized access to sensitive data in BI Publisher, allowing attackers to read, modify, or delete information without proper authorization. This weakness can have significant repercussions, potentially affecting the integrity and confidentiality of information processed by various connected products.",Oracle,Bi Publisher (formerly Xml Publisher),8.2,HIGH,0.0027000000700354576,false,,false,false,false,,,false,false,,2020-10-21T14:04:28.000Z,0