Every CVE whose affected-product data names Oracle Bi Publisher, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (36)
CVE-2024-21082 — CVSS 9.8 (critical): Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Supported versions that are affected are…
CVE-2017-5645 — CVSS 9.8 (critical): In Apache Log4j 2.x before 2.8.2, when using the TCP socket server or UDP socket server to receive serialized log events from another…
CVE-2023-21846 — CVSS 8.8 (high): Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Supported versions that are affected…
CVE-2024-21254 — CVSS 8.8 (high): Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are…
CVE-2021-2391 — CVSS 8.8 (high): Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Scheduler). Supported versions that are affected…
CVE-2021-2392 — CVSS 8.8 (high): Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that…
CVE-2021-2396 — CVSS 8.8 (high): Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that…
CVE-2023-21832 — CVSS 8.8 (high): Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Security). Supported versions that are affected…
CVE-2020-14584 — CVSS 8.2 (high): Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that…
CVE-2019-2771 — CVSS 8.2 (high): Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security)…
CVE-2020-14585 — CVSS 8.2 (high): Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). Supported versions that are…
CVE-2025-50060 — CVSS 8.1 (high): Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are…
CVE-2022-21590 — CVSS 7.6 (high): Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Core Formatting API). Supported versions that are…
CVE-2024-21195 — CVSS 7.6 (high): Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Layout Templates). Supported versions that are affected…
CVE-2022-21346 — CVSS 7.5 (high): Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that…
CVE-2021-2400 — CVSS 7.5 (high): Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that…
CVE-2025-30724 — CVSS 7.5 (high): Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Supported versions that are affected are…
CVE-2019-2768 — CVSS 7.5 (high): Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). The…
CVE-2020-14571 — CVSS 7.2 (high): Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). Supported versions that are…
CVE-2024-21083 — CVSS 7.2 (high): Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Script Engine). Supported versions that are affected are…
CVE-2019-2767 — CVSS 7.2 (high): Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). The…
CVE-2020-14570 — CVSS 7.1 (high): Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: Mobile Service). Supported versions that are…
CVE-2025-61754 — CVSS 6.5 (medium): Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Service API). Supported versions that are affected are…
CVE-2021-21346 — CVSS 6.1 (medium): XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.16, there is a vulnerability which may…
CVE-2019-10219 — CVSS 6.1 (medium): A vulnerability was found in Hibernate-Validator. The SafeHtml validator annotation fails to properly sanitize payloads consisting of…
CVE-2019-11358 — CVSS 6.1 (medium): jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of…
CVE-2024-21084 — CVSS 5.8 (medium): Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Service Gateway). Supported versions that are affected are…
CVE-2023-21970 — CVSS 5.7 (medium): Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Security). The supported version that is affected is…
CVE-2023-22105 — CVSS 5.4 (medium): Vulnerability in the BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are 6.4.0.0.0…
CVE-2024-20987 — CVSS 5.4 (medium): Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). The supported version that is affected is…
CVE-2025-30723 — CVSS 5.4 (medium): Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: XML Services). Supported versions that are affected are…
CVE-2024-20979 — CVSS 5.4 (medium): Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are…
CVE-2021-2401 — CVSS 5.3 (medium): Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: E-Business Suite - XDO). Supported versions that…
CVE-2023-21941 — CVSS 4.3 (medium): Vulnerability in the Oracle BI Publisher product of Oracle Analytics (component: Web Server). Supported versions that are affected are…
CVE-2022-21523 — CVSS 4.3 (medium): Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that…
CVE-2019-2898 — CVSS 4.3 (medium): Vulnerability in the BI Publisher (formerly XML Publisher) product of Oracle Fusion Middleware (component: BI Publisher Security)…