Essbase
This hub aggregates every CVE we track for Essbase, a product in the databases space. Use it to gauge the current risk picture and drill into individual advisories.
23
CVEs tracked
1
Critical
7
High
0
In CISA KEV
Severity distribution
MEDIUM11HIGH7LOW4CRITICAL1
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 15 most recently published vulnerabilities affecting Essbase.
- CVE-2025-61763Vulnerability in Oracle Essbase (component: Essbase Web Platform). The supported version that is affected is 21.7.3.0.0. Easily exploitable vulnerability allows low privileged attacker with netwo...8.1
- CVE-2023-22010Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4.3.0.0. Difficult to exploit vulnerability allows high privileged attacker wi...2.2
- CVE-2023-21944Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with net...5.3
- CVE-2023-21942Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with net...5.3
- CVE-2023-21943Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.4. Difficult to exploit vulnerability allows unauthenticated attacker with net...5.3
- CVE-2022-21508Vulnerability in Oracle Essbase (component: Security and Provisioning). The supported version that is affected is 21.3. Easily exploitable vulnerability allows high privileged attacker with logon t...5.8
- CVE-2021-3712Read buffer overruns processing ASN.1 strings7.4
- CVE-2021-3711SM2 Decryption Buffer Overflow9.8
- CVE-2021-22901curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can u...8.1
- CVE-2021-22897curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The...5.3
- CVE-2021-22898curl 7.7 through 7.76.1 suffers from an information disclosure when the `-t` command line option, known as `CURLOPT_TELNETOPTIONS` in libcurl, is used to send variable=content pairs to TELNET serve...3.1
- CVE-2021-20718mod_auth_openidc 2.4.0 to 2.4.7 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vectors.7.5
- CVE-2021-22890curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS ...3.7
- CVE-2021-22876curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip...5.3
- CVE-2021-3449NULL pointer deref in signature_algorithms processing5.9
Product normalization is registry-driven with AI assist and human review. How it works