Hospitality Simphony@19.1.0 Security Vulnerabilities and Issues — Hospitality Simphony@19.1.0 CVE List

Lucene search

OracleHospitality Simphony19.1.0

7 matches found

CVE•added 2020/04/29 10:15 p.m.•7001 views

CVE-2020-11022

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

6.9CVSS7.2AI score0.22783EPSS

In wild

CVE•added 2019/04/20 12:29 a.m.•2258 views

CVE-2019-11358

jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable proto property, it could extend the native Object.prototype.

6.1CVSS6.4AI score0.05848EPSS

In wild

CVE•added 2024/04/16 10:15 p.m.•67 views

CVE-2024-21014

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server). Supported versions that are affected are 19.1.0-19.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to comprom...

9.8CVSS8.8AI score0.01234EPSS

CVE•added 2024/04/16 10:15 p.m.•58 views

CVE-2024-21010

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server). Supported versions that are affected are 19.1.0-19.5.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

9.9CVSS8.5AI score0.01044EPSS

CVE•added 2024/04/16 10:15 p.m.•57 views

CVE-2024-20997

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server). Supported versions that are affected are 19.1.0-19.5.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromi...

9.9CVSS8.5AI score0.01195EPSS

CVE•added 2025/04/15 9:15 p.m.•51 views

CVE-2025-30686

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: EMC). Supported versions that are affected are 19.1-19.7. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Simph...

7.6CVSS6.8AI score0.00054EPSS

CVE•added 2024/04/16 10:15 p.m.•49 views

CVE-2024-20989

Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony POS). Supported versions that are affected are 19.1.0-19.5.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle H...

7CVSS7.5AI score0.00303EPSS