CVSS: 6.1EPSS: 1%CPEs: 23EXPL: 1CVE-2016-7103 – jquery-ui: cross-site scripting in dialog closeText
https://notcve.org/view.php?id=CVE-2016-7103
09 Dec 2016 — Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function. Vulnerabilidad de XSS en la interfaz de usuario de jQuery en versiones anteriores a 1.12.0 podría permitir a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través del parámetro closeText de la función dialog. It was found that a parameter of the dialog box feature of jQuery UI was vulnerable to ... • http://rhn.redhat.com/errata/RHSA-2016-2932.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.7EPSS: 2%CPEs: 3EXPL: 1CVE-2016-3473 – Oracle BI Publisher 11.1.1.6.0/11.1.1.7.0/11.1.1.9.0/12.2.1.0.0 - XML External Entity Injection
https://notcve.org/view.php?id=CVE-2016-3473
25 Oct 2016 — Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality via unknown vectors. Vulnerabilidad no especificada en el componente BI Publisher (anteriormente XML Publisher) en Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0 y 12.2.1.0.0 permite a usuarios remotos autenticados afectar la confidencialidad a través de vectores desconocidos. • https://www.exploit-db.com/exploits/40590 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.6EPSS: 0%CPEs: 3EXPL: 0CVE-2016-3544
https://notcve.org/view.php?id=CVE-2016-3544
21 Jul 2016 — Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 11.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web General. Vulnerabilidad no especificada en el componente Oracle Business Intelligence Enterprise Edition en Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0 y 11.2.1.0.0 permite a usuarios remotos autenticados afectar la confidencialidad y la i... • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2016-3432
https://notcve.org/view.php?id=CVE-2016-3432
21 Jul 2016 — Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Web Server. Vulnerabilidad no especificada en el componente BI Publisher (anteriormente XML Publisher) en Oracle Fusion Middleware 11.1.1.7.0 y 11.1.1.9.0 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad a través de vectores relacionados con Web... • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2016-3433
https://notcve.org/view.php?id=CVE-2016-3433
21 Jul 2016 — Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web Administration. Vulnerabilidad no especificada en el componente Oracle Business Intelligence Enterprise Edition en Oracle Fusion Middleware 11.1.1.7.0 y 11.1.1.9.0 permite a usuarios remotos autenticados afectar la confidencialidad y la integridad a través... • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-3446
https://notcve.org/view.php?id=CVE-2016-3446
21 Jul 2016 — Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0 and 11.1.1.9.0 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Analytics Web Administration. Vulnerabilidad no especificada en el componente Oracle Business Intelligence Enterprise Edition en Oracle Fusion Middleware 11.1.1.7.0 y 11.1.1.9.0 permite a atacantes remotos afectar la confidencialidad, la integridad y la disponibili... • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0CVE-2016-3474
https://notcve.org/view.php?id=CVE-2016-3474
21 Jul 2016 — Unspecified vulnerability in the BI Publisher (formerly XML Publisher) component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality via vectors related to Security. Vulnerabilidad no especificada en el componente BI Publisher (anteriormente XML Publisher) en Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0 y 12.2.1.0.0 permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con Security. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 5.4EPSS: 0%CPEs: 3EXPL: 0CVE-2016-0468
https://notcve.org/view.php?id=CVE-2016-0468
21 Apr 2016 — Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote authenticated users to affect confidentiality and integrity via vectors related to Analytics Web General. Vulnerabilidad no especificada en el componente Oracle Business Intelligence Enterprise Edition en Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0 y 12.2.1.0.0 permite a usuarios remotos autenticados afectar a la confidencialidad y la... • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2016-0479
https://notcve.org/view.php?id=CVE-2016-0479
21 Apr 2016 — Unspecified vulnerability in the Oracle Business Intelligence Enterprise Edition component in Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0, and 12.2.1.0.0 allows remote attackers to affect confidentiality and integrity via vectors related to Analytics Scorecard. Vulnerabilidad no especificada en el componente Oracle Business Intelligence Enterprise Edition en Oracle Fusion Middleware 11.1.1.7.0, 11.1.1.9.0 y 12.2.1.0.0 permite atacantes remotos afectar a la confidencialidad y la integridad a través de ve... • http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html •
CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0547
https://notcve.org/view.php?id=CVE-2016-0547
21 Jan 2016 — Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Common Components, a different vulnerability than CVE-2016-0511, CVE-2016-0548, and CVE-2016-0549. Vulnerabilidad no especificada en el componente Oracle E-Business Intelligence en Oracle E-Business Suite 11.5.10.2 permite a atacantes remotos afectar a la confidencialidad y la integridad a través de vecto... • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html •