Oracle

Hospitality Simphony

38 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.6

CVE-2025-30686

  • EPSS 0.07%
  • Published 15.04.2025 20:31:00
  • Last modified 21.04.2025 19:37:30

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: EMC). Supported versions that are affected are 19.1-19.7. Easily exploitable vulnerability allows low privileged attacker with network acce...

9.8

CVE-2024-21014

  • EPSS 1.23%
  • Published 16.04.2024 22:15:15
  • Last modified 17.03.2025 16:15:20

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server). Supported versions that are affected are 19.1.0-19.5.4. Easily exploitable vulnerability allows unauthenticate...

9.9

CVE-2024-21010

  • EPSS 1.04%
  • Published 16.04.2024 22:15:15
  • Last modified 17.03.2025 15:15:40

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server). Supported versions that are affected are 19.1.0-19.5.4. Easily exploitable vulnerability allows low privileged...

9.9

CVE-2024-20997

  • EPSS 1.2%
  • Published 16.04.2024 22:15:12
  • Last modified 27.11.2024 16:36:39

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server). Supported versions that are affected are 19.1.0-19.5.4. Easily exploitable vulnerability allows low privileged...

7

CVE-2024-20989

  • EPSS 0.3%
  • Published 16.04.2024 22:15:11
  • Last modified 27.11.2024 16:36:51

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony POS). Supported versions that are affected are 19.1.0-19.5.4. Difficult to exploit vulnerability allows unauthenticated attacker w...

5.1

CVE-2021-2018

  • EPSS 1.34%
  • Published 20.01.2021 15:15:46
  • Last modified 21.11.2024 06:02:11

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Oracle Net to compro...

9.8

CVE-2018-1285

  • EPSS 49.81%
  • Published 11.05.2020 17:15:10
  • Last modified 21.11.2024 03:59:32

Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for XXE-based attacks in applications that accept attacker-controlled log4net configuration files.

6.1

CVE-2020-11022

Exploit
  • EPSS 22.55%
  • Published 29.04.2020 22:15:11
  • Last modified 21.11.2024 04:56:36

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This prob...

6.1

CVE-2019-11358

Exploit
  • EPSS 2.4%
  • Published 20.04.2019 00:29:00
  • Last modified 21.11.2024 04:20:56

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the n...

6.5

CVE-2019-2403

  • EPSS 0.5%
  • Published 16.01.2019 19:30:30
  • Last modified 21.11.2024 04:40:48

Vulnerability in the Oracle Hospitality Simphony component of Oracle Food and Beverage Applications. The supported version that is affected is 2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to comp...