Vulnerabilities > Oracle > Hospitality Opera 5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-15 | CVE-2024-21172 | Unspecified vulnerability in Oracle Hospitality Opera 5 5.6.19.19/5.6.25.8/5.6.26.4 Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Opera Servlet). | 9.0 |
| 2021-07-21 | CVE-2021-2351 | Session Fixation vulnerability in Oracle products Vulnerability in the Advanced Networking Option component of Oracle Database Server. | 8.3 |
| 2020-12-11 | CVE-2020-17530 | Expression Language Injection vulnerability in multiple products Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. | 9.8 |
| 2020-12-07 | CVE-2020-17521 | Apache Groovy provides extension methods to aid with creating temporary directories. | 5.5 |
| 2020-11-12 | CVE-2019-17566 | Server-Side Request Forgery (SSRF) vulnerability in multiple products Apache Batik is vulnerable to server-side request forgery, caused by improper input validation by the "xlink:href" attributes. | 7.5 |
| 2020-05-11 | CVE-2018-1285 | XXE vulnerability in multiple products Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. | 9.8 |
| 2019-08-20 | CVE-2019-10086 | Deserialization of Untrusted Data vulnerability in multiple products In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. | 7.3 |