Oracle

Hospitality Simphony

38 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.6

CVE-2025-30686

  • EPSS 0.07%
  • Veröffentlicht 15.04.2025 20:31:00
  • Zuletzt bearbeitet 21.04.2025 19:37:30

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: EMC). Supported versions that are affected are 19.1-19.7. Easily exploitable vulnerability allows low privileged attacker with network acce...

9.8

CVE-2024-21014

  • EPSS 1.23%
  • Veröffentlicht 16.04.2024 22:15:15
  • Zuletzt bearbeitet 17.03.2025 16:15:20

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server). Supported versions that are affected are 19.1.0-19.5.4. Easily exploitable vulnerability allows unauthenticate...

9.9

CVE-2024-21010

  • EPSS 1.04%
  • Veröffentlicht 16.04.2024 22:15:15
  • Zuletzt bearbeitet 17.03.2025 15:15:40

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server). Supported versions that are affected are 19.1.0-19.5.4. Easily exploitable vulnerability allows low privileged...

9.9

CVE-2024-20997

  • EPSS 1.2%
  • Veröffentlicht 16.04.2024 22:15:12
  • Zuletzt bearbeitet 27.11.2024 16:36:39

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server). Supported versions that are affected are 19.1.0-19.5.4. Easily exploitable vulnerability allows low privileged...

7

CVE-2024-20989

  • EPSS 0.3%
  • Veröffentlicht 16.04.2024 22:15:11
  • Zuletzt bearbeitet 27.11.2024 16:36:51

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony POS). Supported versions that are affected are 19.1.0-19.5.4. Difficult to exploit vulnerability allows unauthenticated attacker w...

5.1

CVE-2021-2018

  • EPSS 1.34%
  • Veröffentlicht 20.01.2021 15:15:46
  • Zuletzt bearbeitet 21.11.2024 06:02:11

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compro...

9.8

CVE-2018-1285

  • EPSS 49.81%
  • Veröffentlicht 11.05.2020 17:15:10
  • Zuletzt bearbeitet 21.11.2024 03:59:32

Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.

6.1

CVE-2020-11022

Exploit
  • EPSS 22.55%
  • Veröffentlicht 29.04.2020 22:15:11
  • Zuletzt bearbeitet 21.11.2024 04:56:36

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob...

6.1

CVE-2019-11358

Exploit
  • EPSS 2.4%
  • Veröffentlicht 20.04.2019 00:29:00
  • Zuletzt bearbeitet 21.11.2024 04:20:56

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the n...

6.5

CVE-2019-2403

  • EPSS 0.5%
  • Veröffentlicht 16.01.2019 19:30:30
  • Zuletzt bearbeitet 21.11.2024 04:40:48

Vulnerability in the Oracle Hospitality Simphony component of Oracle Food and Beverage Applications. The supported version that is affected is 2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to comp...