📦 Business Intelligence

CVE-2022-23305 is an SQL injection vulnerability in Log4j 1.2.x's JDBCAppender that allows attackers to execute arbitrary SQL queries by injecting malicious strings into application inputs that get lo...

This critical vulnerability in Oracle Business Intelligence Enterprise Edition allows unauthenticated attackers with network access via HTTP to completely compromise the system. It affects version 12....

This vulnerability in Apache Struts allows attackers to perform remote code execution by forcing OGNL evaluation on raw user input in tag attributes. It affects all Apache Struts 2 installations from ...

This vulnerability in Oracle Business Intelligence Enterprise Edition allows authenticated attackers with local access to the infrastructure to manipulate or access critical data. It affects Oracle An...

This vulnerability in Oracle Business Intelligence Enterprise Edition allows high-privileged attackers with network access to compromise the system via HTTP, requiring human interaction from another p...

CVE-2021-4104 is a deserialization vulnerability in Log4j 1.2's JMSAppender that allows remote code execution when attackers can modify Log4j configuration files. This affects systems running Log4j 1....

A denial-of-service vulnerability in Apache CXF's JsonMapObjectReaderWriter allows attackers to send specially crafted JSON payloads to web services, causing infinite loops that consume 100% CPU on af...

This vulnerability in Oracle Business Intelligence Enterprise Edition allows unauthenticated attackers with network access via HTTP to compromise the system. It requires human interaction from someone...

This vulnerability in Oracle Business Intelligence Enterprise Edition allows authenticated attackers with low privileges to manipulate or view sensitive data through the Analytics Web Answers componen...