Oracle Hospitality Simphony — known CVE vulnerabilities
Every CVE whose affected-product data names Oracle Hospitality Simphony, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (38)
CVE-2024-21010 — CVSS 9.9 (critical): Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server)…
CVE-2024-20997 — CVSS 9.9 (critical): Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server)…
CVE-2018-1285 — CVSS 9.8 (critical): Apache log4net versions before 2.0.10 do not disable XML external entities when parsing log4net configuration files. This allows for…
CVE-2024-21014 — CVSS 9.8 (critical): Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony Enterprise Server)…
CVE-2018-2608 — CVSS 8.6 (high): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). The supported…
CVE-2018-2829 — CVSS 8.6 (high): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management…
CVE-2021-2018 — CVSS 8.3 (high): Vulnerability in the Advanced Networking Option component of Oracle Database Server. Supported versions that are affected are 18c and 19c…
CVE-2018-2851 — CVSS 8.1 (high): Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Enterprise…
CVE-2018-2833 — CVSS 8.1 (high): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management…
CVE-2018-2636 — CVSS 8.1 (high): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). Supported versions…
CVE-2018-2824 — CVSS 7.7 (high): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management…
CVE-2019-2402 — CVSS 7.7 (high): Vulnerability in the Oracle Hospitality Simphony component of Oracle Food and Beverage Applications. The supported version that is affected…
CVE-2017-10001 — CVSS 7.6 (high): Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Core). The…
CVE-2025-30686 — CVSS 7.6 (high): Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: EMC). Supported versions that…
CVE-2018-2672 — CVSS 7.5 (high): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: POS). Supported versions that…
CVE-2018-2848 — CVSS 7.5 (high): Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Client…
CVE-2018-2683 — CVSS 7.5 (high): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: POS). Supported versions that…
CVE-2018-2589 — CVSS 7.5 (high): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Server). Supported…
CVE-2017-10136 — CVSS 7.5 (high): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). The supported…
CVE-2017-10206 — CVSS 7.3 (high): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Engagement). The supported…
CVE-2018-2978 — CVSS 7.1 (high): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). Supported…
CVE-2024-20989 — CVSS 7.0 (high): Vulnerability in the Oracle Hospitality Simphony product of Oracle Food and Beverage Applications (component: Simphony POS). Supported…
CVE-2020-11022 — CVSS 6.9 (medium): In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM…
CVE-2018-2619 — CVSS 6.5 (medium): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). The supported…
CVE-2017-10344 — CVSS 6.5 (medium): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). Supported…
CVE-2017-10343 — CVSS 6.5 (medium): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). Supported…
CVE-2018-2847 — CVSS 6.5 (medium): Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Operations)…
CVE-2019-2403 — CVSS 6.5 (medium): Vulnerability in the Oracle Hospitality Simphony component of Oracle Food and Beverage Applications. The supported version that is affected…
CVE-2019-11358 — CVSS 6.1 (medium): jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of…
CVE-2018-2673 — CVSS 5.9 (medium): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: POS). Supported versions that…
CVE-2017-10340 — CVSS 5.4 (medium): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). Supported…
CVE-2017-10367 — CVSS 5.4 (medium): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Engagement). Supported…
CVE-2018-2802 — CVSS 5.4 (medium): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Client Application Loader)…
CVE-2018-2853 — CVSS 5.4 (medium): Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Operations…
CVE-2017-10425 — CVSS 5.4 (medium): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Service Host). Supported…
CVE-2017-10207 — CVSS 5.3 (medium): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Utilities). The supported…
CVE-2017-10195 — CVSS 4.3 (medium): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Import/Export). The supported…
CVE-2017-10205 — CVSS 4.3 (medium): Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management…