cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-22087,https://securityvulnerability.io/vulnerability/CVE-2023-22087,Authentication Flaw in Hospitality OPERA 5 Property Services by Oracle,"A network-based vulnerability in Oracle's Hospitality OPERA 5 Property Services allows an attacker with low privileges to exploit the affected system through HTTP. This flaw can lead to unauthorized control over the Hospitality OPERA 5 Property Services, which may compromise the security and integrity of sensitive data and operational functionalities. Users are urged to apply the recommended patches to mitigate risks associated with this vulnerability.",Oracle,Hospitality Opera 5 Property Services,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-10-17T22:15:00.000Z,0
CVE-2023-22085,https://securityvulnerability.io/vulnerability/CVE-2023-22085,Vulnerability in Oracle Hospitality OPERA 5 Property Services,"A vulnerability exists in the Oracle Hospitality OPERA 5 Property Services, specifically in version 5.6, that allows a low privileged attacker with network access via HTTP to take control of the service. Successful exploitation of this vulnerability can lead to unauthorized access, compromising the confidentiality, integrity, and availability of the application. It underscores the need for prompt updates and diligent monitoring of network access to safeguard against potential threats.",Oracle,Hospitality Opera 5 Property Services,8.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2023-10-17T22:15:00.000Z,0
CVE-2023-21932,https://securityvulnerability.io/vulnerability/CVE-2023-21932,Oracle Hospitality OPERA 5 Property Services Vulnerability Exposes Critical Data,"A vulnerability in Oracle Hospitality OPERA 5 Property Services could allow a high-privileged attacker with network access to HTTP interfaces to gain unauthorized access to sensitive data. Although primarily affecting OPERA 5, the implications of this vulnerability may extend to other related Oracle applications, emphasizing the risk of unauthorized data manipulation, including insert, delete, and update operations. Furthermore, the potential for a partial denial of service could disrupt operations, affecting both confidentiality and availability of data within the system.",Oracle,Hospitality Opera 5 Property Services,7.2,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2020-14877,https://securityvulnerability.io/vulnerability/CVE-2020-14877,Vulnerability in Oracle Hospitality OPERA 5 Property Services by Oracle,"The vulnerability in Oracle Hospitality OPERA 5 Property Services allows an attacker with high privileges and network access through HTTP to compromise the system. This security flaw enables unauthorized creation, deletion, or modification of critical data, granting complete access to all resources within the affected services. Targeted versions 5.5 and 5.6 are particularly at risk, making it essential for users to apply necessary patches and updates to mitigate potential exploitation.",Oracle,Hospitality Opera 5 Property Services,6.5,MEDIUM,0.0009399999980814755,false,,false,false,false,,,false,false,,2020-10-21T14:04:30.000Z,0
CVE-2020-14858,https://securityvulnerability.io/vulnerability/CVE-2020-14858,Vulnerability in Oracle Hospitality OPERA 5 Property Services by Oracle,"An exploitable vulnerability exists in the Oracle Hospitality OPERA 5 Property Services product, specifically in its logging component. This flaw impacts supported versions 5.5 and 5.6, allowing attackers with high privileges and network access via HTTP to execute successful attacks. Notably, these attacks require human interaction from a user not affiliated with the attacker, potentially leading to a complete takeover of the Oracle Hospitality OPERA 5 Property Services. This scenario poses significant risks to confidentiality, integrity, and availability of the affected systems.",Oracle,Hospitality Opera 5 Property Services,6.8,MEDIUM,0.00279000005684793,false,,false,false,false,,,false,false,,2020-10-21T14:04:29.000Z,0
CVE-2020-2675,https://securityvulnerability.io/vulnerability/CVE-2020-2675,Exploitable Vulnerability in Oracle Hospitality OPERA 5 Login Component,"A vulnerability exists in the Oracle Hospitality OPERA 5 product, specifically within the Login component, which can be exploited by a low privileged attacker with network access. This flaw permits unauthorized access to critical data, enabling attackers to manipulate data within Oracle Hospitality OPERA 5, including the ability to perform unauthorized updates, inserts, or deletions. Organizations utilizing this software should prioritize remediation to protect sensitive information and maintain data integrity.",Oracle,Hospitality Opera 5 Property Services,7.1,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-01-15T16:34:06.000Z,0
CVE-2020-2677,https://securityvulnerability.io/vulnerability/CVE-2020-2677,Oracle Hospitality OPERA 5 Login Vulnerability Exposes Sensitive Data,"A vulnerability in the login component of Oracle Hospitality OPERA 5 allows low-privileged attackers with network access via HTTP to gain unauthorized access to sensitive data. This issue affects supported versions 5.5 and 5.6, with successful exploitation requiring human interaction from a victim. Attackers can potentially access all data that is available within the Oracle Hospitality OPERA 5 system, leading to significant security risks.",Oracle,Hospitality Opera 5 Property Services,5.7,MEDIUM,0.0006399999838322401,false,,false,false,false,,,false,false,,2020-01-15T16:34:06.000Z,0
CVE-2020-2676,https://securityvulnerability.io/vulnerability/CVE-2020-2676,unauthenticated access vulnerability in Oracle Hospitality OPERA 5 product,"A vulnerability exists in Oracle Hospitality OPERA 5 that enables an unauthenticated attacker with network access via HTTP to exploit weaknesses in the printing component. Successful exploitation requires user interaction from a third party, allowing attackers to gain unauthorized access to sensitive data. The exploitation of this vulnerability may lead to data integrity issues, including unauthorized updates, inserts, and deletions. Additionally, the attacker may access confidential information, prompting significant concerns about data security across connected systems.",Oracle,Hospitality Opera 5 Property Services,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-01-15T16:34:06.000Z,0
CVE-2018-2957,https://securityvulnerability.io/vulnerability/CVE-2018-2957,,Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Logging). The supported version that is affected is 5.5.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).,Oracle,Hospitality Opera 5 Property Services,7.5,HIGH,0.001290000043809414,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3013,https://securityvulnerability.io/vulnerability/CVE-2018-3013,,Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Report Server Config). The supported version that is affected is 5.5.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).,Oracle,Hospitality Opera 5 Property Services,6.5,MEDIUM,0.0007900000200606883,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-3014,https://securityvulnerability.io/vulnerability/CVE-2018-3014,,Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Reports). The supported version that is affected is 5.5.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).,Oracle,Hospitality Opera 5 Property Services,6.5,MEDIUM,0.0007900000200606883,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-2956,https://securityvulnerability.io/vulnerability/CVE-2018-2956,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Integration). The supported version that is affected is 5.5.x. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Hospitality OPERA 5 Property Services executes to compromise Oracle Hospitality OPERA 5 Property Services. While the vulnerability is in Oracle Hospitality OPERA 5 Property Services, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality OPERA 5 Property Services. CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H).",Oracle,Hospitality Opera 5 Property Services,8.1,HIGH,0.001069999998435378,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-2955,https://securityvulnerability.io/vulnerability/CVE-2018-2955,,Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Integration). The supported version that is affected is 5.5.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).,Oracle,Hospitality Opera 5 Property Services,5.3,MEDIUM,0.001129999989643693,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2017-10197,https://securityvulnerability.io/vulnerability/CVE-2017-10197,,Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: Folios). The supported version that is affected is 5.4.2.x through 5.5.1.x. Easily exploitable vulnerability allows physical access to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 4.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).,Oracle,Hospitality Opera 5 Property Services,4.6,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2017-10182,https://securityvulnerability.io/vulnerability/CVE-2017-10182,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Export Functionality). Supported versions that are affected are 5.4.0.x, 5.4.1.x and 5.4.3.x. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).",Oracle,Hospitality Opera 5 Property Services,4.4,MEDIUM,0.0009599999757483602,false,,false,false,false,,,false,false,,2017-08-08T15:00:00.000Z,0
CVE-2017-3573,https://securityvulnerability.io/vulnerability/CVE-2017-3573,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Printing). Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Easily ""exploitable"" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality OPERA 5 Property Services, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality OPERA 5 Property Services accessible data as well as unauthorized read access to a subset of Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Hospitality Opera 5 Property Services,6.1,MEDIUM,0.0006900000153109431,false,,false,false,false,,,false,false,,2017-04-24T19:00:00.000Z,0
CVE-2017-3569,https://securityvulnerability.io/vulnerability/CVE-2017-3569,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Business Events). Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality OPERA 5 Property Services accessible data as well as unauthorized read access to a subset of Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).",Oracle,Hospitality Opera 5 Property Services,5.4,MEDIUM,0.0005499999970197678,false,,false,false,false,,,false,false,,2017-04-24T19:00:00.000Z,0
CVE-2017-3574,https://securityvulnerability.io/vulnerability/CVE-2017-3574,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA License code configuration). Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N).",Oracle,Hospitality Opera 5 Property Services,7.1,HIGH,0.0005600000149570405,false,,false,false,false,,,false,false,,2017-04-24T19:00:00.000Z,0
CVE-2017-3560,https://securityvulnerability.io/vulnerability/CVE-2017-3560,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OXI Interface). Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).",Oracle,Hospitality Opera 5 Property Services,4.3,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2017-04-24T19:00:00.000Z,0
CVE-2017-3552,https://securityvulnerability.io/vulnerability/CVE-2017-3552,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Room Image/Picture Setup). Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Easily ""exploitable"" vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality OPERA 5 Property Services accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).",Oracle,Hospitality Opera 5 Property Services,4.3,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2017-04-24T19:00:00.000Z,0
CVE-2017-3568,https://securityvulnerability.io/vulnerability/CVE-2017-3568,,"Vulnerability in the Oracle Hospitality OPERA 5 Property Services component of Oracle Hospitality Applications (subcomponent: OPERA Printing and Login). Supported versions that are affected are 5.4.0.x, 5.4.1.x, 5.4.2.x, 5.4.3.x, 5.5.0.x and 5.5.1.x. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Hospitality OPERA 5 Property Services executes to compromise Oracle Hospitality OPERA 5 Property Services. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality OPERA 5 Property Services accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 Property Services accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Hospitality OPERA 5 Property Services. CVSS 3.0 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L).",Oracle,Hospitality Opera 5 Property Services,6.5,MEDIUM,0.0007999999797903001,false,,false,false,false,,,false,false,,2017-04-24T19:00:00.000Z,0
CVE-2016-5565,https://securityvulnerability.io/vulnerability/CVE-2016-5565,,"Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote authenticated users to affect confidentiality via vectors related to OPERA.",Oracle,Hospitality Opera 5 Property Services,7.7,HIGH,0.0009500000160187483,false,,false,false,false,,,false,false,,2016-10-25T14:00:00.000Z,0
CVE-2016-5564,https://securityvulnerability.io/vulnerability/CVE-2016-5564,,"Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to OPERA.",Oracle,Hospitality Opera 5 Property Services,7.4,HIGH,0.0007800000021234155,false,,false,false,false,,,false,false,,2016-10-25T14:00:00.000Z,0
CVE-2016-5563,https://securityvulnerability.io/vulnerability/CVE-2016-5563,,"Unspecified vulnerability in the Oracle Hospitality OPERA 5 Property Services component in Oracle Hospitality Applications 5.4.0.0 through 5.4.3.0, 5.5.0.0, and 5.5.1.0 allows remote administrators to affect confidentiality, integrity, and availability via vectors related to OPERA.",Oracle,Hospitality Opera 5 Property Services,7.9,HIGH,0.005679999943822622,false,,false,false,false,,,false,false,,2016-10-25T14:00:00.000Z,0