cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-21254,https://securityvulnerability.io/vulnerability/CVE-2024-21254,"Oracle BI Publisher Vulnerability Affects Confidentiality, Integrity, and Availability","The vulnerability impacts Oracle BI Publisher, a component of Oracle Analytics, specifically within its web server capabilities. Its nature allows low-privileged attackers, with network access via HTTP, to gain unauthorized access. This easiness of exploitation can lead to a full takeover of Oracle BI Publisher, raising significant security concerns. The supported affected versions include 7.0.0.0.0, 7.6.0.0.0, and 12.2.1.4.0, underscoring the need for immediate attention from users of these products. The incident highlights crucial risks concerning the confidentiality, integrity, and availability of data managed by Oracle BI Publisher.",Oracle,Oracle Bi Publisher,8.8,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2024-10-15T19:52:52.628Z,0
CVE-2024-21195,https://securityvulnerability.io/vulnerability/CVE-2024-21195,Vulnerability in Oracle BI Publisher Affects Oracle Analytics Products,"The vulnerability in Oracle BI Publisher, part of Oracle Analytics, allows a low-privileged attacker with network access through HTTP to exploit the system. This easily exploitable vulnerability can lead to unauthorized access to sensitive data and the ability to perform updates, inserts, or deletions on accessible data. Additionally, attackers can potentially cause a partial denial of service (DOS) of Oracle BI Publisher, impacting its availability. The affected versions include Oracle BI Publisher 7.0.0.0.0, 7.6.0.0.0, and 12.2.1.4.0, highlighting significant security implications for users of these software versions.",Oracle,Oracle Bi Publisher,7.6,HIGH,0.00046999999904073775,false,false,false,false,,false,false,2024-10-15T19:52:36.335Z,0