Vulnerabilities (CVE)

Filtered by vendor Oracle Subscribe
Filtered by product Essbase
Total 22 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-12402 3 Apache, Fedoraproject, Oracle 19 Commons Compress, Fedora, Banking Payments and 16 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
The file name encoding algorithm used internally in Apache Commons Compress 1.15 to 1.18 can get into an infinite loop when faced with specially crafted inputs. This can lead to a denial of service attack if an attacker can choose the file names inside of an archive created by Compress.
CVE-2019-10219 3 Netapp, Oracle, Redhat 195 Active Iq Unified Manager, Element, Management Services For Element Software And Netapp Hci and 192 more 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of potentially malicious code in HTML comments and instructions. This vulnerability can result in an XSS attack.