Vulnerabilities > Oracle > Hospitality Simphony

DATE CVE VULNERABILITY TITLE RISK
2020-05-11 CVE-2018-1285 XXE vulnerability in multiple products
Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files.
network
low complexity
apache fedoraproject oracle netapp CWE-611
critical
9.8
2020-04-29 CVE-2020-11022 In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. 6.1
2019-04-20 CVE-2019-11358 jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. 6.1
2019-01-16 CVE-2019-2403 Unspecified vulnerability in Oracle Hospitality Simphony 2.10
Vulnerability in the Oracle Hospitality Simphony component of Oracle Food and Beverage Applications.
network
low complexity
oracle
6.5
2019-01-16 CVE-2019-2402 Unspecified vulnerability in Oracle Hospitality Simphony 2.10
Vulnerability in the Oracle Hospitality Simphony component of Oracle Food and Beverage Applications.
network
high complexity
oracle
7.7
2018-07-18 CVE-2018-2978 Unspecified vulnerability in Oracle Hospitality Simphony 2.10/2.8/2.9
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export).
network
high complexity
oracle
7.1
2018-04-19 CVE-2018-2853 Unspecified vulnerability in Oracle Hospitality Simphony 1.6/1.7
Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Operations, Client Application Loader).
network
low complexity
oracle
5.4
2018-04-19 CVE-2018-2851 Unspecified vulnerability in Oracle Hospitality Simphony 1.6/1.7
Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console).
network
low complexity
oracle
8.1
2018-04-19 CVE-2018-2848 Unspecified vulnerability in Oracle Hospitality Simphony 1.6/1.7
Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Client Application Loader).
network
low complexity
oracle
7.5
2018-04-19 CVE-2018-2847 Unspecified vulnerability in Oracle Hospitality Simphony 1.6/1.7
Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Operations).
network
low complexity
oracle
6.5