cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-21133,https://securityvulnerability.io/vulnerability/CVE-2024-21133,Vulnerability in Oracle Reports Developer of Oracle Fusion Middleware,"A vulnerability exists in Oracle Reports Developer, part of the Oracle Fusion Middleware suite, which allows unauthenticated attackers with network access to potentially exploit the system via HTTP. Successful exploitation requires human interaction from a user other than the attacker, which broadens the scope of impact. This vulnerability may allow unauthorized modifications (updates, inserts, or deletions), as well as unauthorized access to certain data subsets available to Oracle Reports Developer. Given its nature, organizations utilizing this component should take proactive measures to mitigate potential risks associated with unauthorized data manipulation and access.",Oracle,Reports Developer,6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-07-16T23:15:00.000Z,0
CVE-2023-22062,https://securityvulnerability.io/vulnerability/CVE-2023-22062,Oracle Hyperion Financial Reporting Repository Vulnerability,"An easily exploitable vulnerability exists within the Oracle Hyperion Financial Reporting product, specifically in the Repository component. This vulnerability allows low-privileged attackers with network access via HTTP to compromise the Oracle Hyperion Financial Reporting system. Exploitation can lead to unauthorized access to sensitive data and the potential for partial denial of service. Notably, while the vulnerability is centered on Oracle Hyperion Financial Reporting, its exploitation might also have serious implications for related products, expanding the potential attack surface and impact.",Oracle,Hyperion Financial Reporting,8.5,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2023-07-18T21:15:00.000Z,0
CVE-2023-21828,https://securityvulnerability.io/vulnerability/CVE-2023-21828,Vulnerability in Oracle Hospitality Reporting and Analytics,"An access control vulnerability exists in the Oracle Hospitality Reporting and Analytics component, part of the broader Oracle Food and Beverage Applications. This vulnerability allows low privileged attackers with network access via HTTPS to exploit the system. Successful exploitation may lead to unauthorized actions, including the creation, deletion, or modification of critical data, potentially compromising sensitive information entirely. This poses significant risks to data confidentiality and integrity, calling for immediate attention from affected users to mitigate potential exploits.",Oracle,Hospitality Reporting and Analytics,8.1,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2023-01-18T00:15:00.000Z,0
CVE-2023-21826,https://securityvulnerability.io/vulnerability/CVE-2023-21826,Exploitable Vulnerability in Oracle Hospitality Reporting and Analytics by Oracle,"A vulnerability in Oracle Hospitality Reporting and Analytics allows low-privileged attackers with network access via HTTPS to potentially compromise the system. Successful exploitation can lead to unauthorized access to sensitive data, providing attackers with the ability to update, insert, or delete accessible data. This vulnerability also enables attackers to trigger denial of service conditions, causing the application to crash or hang. Note that user interaction is required from a third party, making it crucial for users to remain vigilant.",Oracle,Hospitality Reporting and Analytics,7.6,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2023-01-18T00:15:00.000Z,0
CVE-2021-35665,https://securityvulnerability.io/vulnerability/CVE-2021-35665,,"Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Repository). The supported version that is affected is 11.2.6.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Financial Reporting. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Hyperion Financial Reporting, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Hyperion Financial Reporting accessible data as well as unauthorized read access to a subset of Hyperion Financial Reporting accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Hyperion Financial Reporting,6.1,MEDIUM,0.0009500000160187483,false,false,false,false,,false,false,2021-10-20T10:51:41.000Z,0
CVE-2021-2395,https://securityvulnerability.io/vulnerability/CVE-2021-2395,,"Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: iCare, Configuration). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0006799999973736703,false,false,false,false,,false,false,2021-07-20T22:44:09.000Z,0
CVE-2021-1997,https://securityvulnerability.io/vulnerability/CVE-2021-1997,,"Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Report). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0009399999980814755,false,false,false,false,,false,false,2021-01-20T14:49:59.000Z,0
CVE-2020-14753,https://securityvulnerability.io/vulnerability/CVE-2020-14753,,"Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Installation). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Oracle Hospitality Reporting and Analytics. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Reporting and Analytics, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N).",Oracle,Hospitality Reporting And Analytics,5.9,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2020-10-21T14:04:23.000Z,0
CVE-2020-14616,https://securityvulnerability.io/vulnerability/CVE-2020-14616,,Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Reporting). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).,Oracle,Hospitality Reporting And Analytics,2.7,LOW,0.000539999979082495,false,false,false,false,,false,false,2020-07-15T17:34:30.000Z,0
CVE-2020-14594,https://securityvulnerability.io/vulnerability/CVE-2020-14594,,"Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Inventory Integration). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Oracle Hospitality Reporting and Analytics. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Reporting and Analytics. CVSS 3.1 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).",Oracle,Hospitality Reporting And Analytics,6.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2020-07-15T17:34:29.000Z,0
CVE-2020-14561,https://securityvulnerability.io/vulnerability/CVE-2020-14561,,"Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Installation). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Oracle Hospitality Reporting and Analytics. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Reporting and Analytics. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).",Oracle,Hospitality Reporting And Analytics,7.3,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2020-07-15T17:34:27.000Z,0
CVE-2020-14543,https://securityvulnerability.io/vulnerability/CVE-2020-14543,,"Vulnerability in the Oracle Hospitality Reporting and Analytics product of Oracle Food and Beverage Applications (component: Installation). The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Oracle Hospitality Reporting and Analytics. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Reporting and Analytics. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).",Oracle,Hospitality Reporting And Analytics,7.3,HIGH,0.00044999999227002263,false,false,false,false,,false,false,2020-07-15T17:34:26.000Z,0
CVE-2020-2769,https://securityvulnerability.io/vulnerability/CVE-2020-2769,,Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Web Based Report Designer). The supported version that is affected is 11.1.2.4. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Financial Reporting. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Hyperion Financial Reporting accessible data. CVSS 3.0 Base Score 2.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N).,Oracle,Hyperion Financial Reporting,2.4,LOW,0.000539999979082495,false,false,false,false,,false,false,2020-04-15T13:29:45.000Z,0
CVE-2020-2746,https://securityvulnerability.io/vulnerability/CVE-2020-2746,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Admin privilege with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0008900000248104334,false,false,false,false,,false,false,2020-04-15T13:29:44.000Z,0
CVE-2020-2533,https://securityvulnerability.io/vulnerability/CVE-2020-2533,,"Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware (component: Security and Authentication). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Reports Developer. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Reports Developer, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Reports Developer accessible data as well as unauthorized read access to a subset of Oracle Reports Developer accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Reports Developer,6.1,MEDIUM,0.0008299999753944576,false,false,false,false,,false,false,2020-01-15T16:33:59.000Z,0
CVE-2020-2534,https://securityvulnerability.io/vulnerability/CVE-2020-2534,,"Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware (component: Security and Authentication). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Reports Developer. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Reports Developer, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Reports Developer accessible data as well as unauthorized read access to a subset of Oracle Reports Developer accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Reports Developer,6.1,MEDIUM,0.0008299999753944576,false,false,false,false,,false,false,2020-01-15T16:33:59.000Z,0
CVE-2019-2959,https://securityvulnerability.io/vulnerability/CVE-2019-2959,,"Vulnerability in the Hyperion Financial Reporting product of Oracle Hyperion (component: Security Models). The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Financial Reporting. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Hyperion Financial Reporting accessible data. CVSS 3.0 Base Score 4.2 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N).",Oracle,Hyperion Financial Reporting,4.2,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2019-10-16T17:40:56.000Z,0
CVE-2019-2952,https://securityvulnerability.io/vulnerability/CVE-2019-2952,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Reporting and Analytics, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized read access to a subset of Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Hospitality Reporting And Analytics,6.1,MEDIUM,0.0008299999753944576,false,false,false,false,,false,false,2019-10-16T17:40:56.000Z,0
CVE-2019-2934,https://securityvulnerability.io/vulnerability/CVE-2019-2934,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Admin - Configuration privilege with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0006500000017695129,false,false,false,false,,false,false,2019-10-16T17:40:55.000Z,0
CVE-2019-2947,https://securityvulnerability.io/vulnerability/CVE-2019-2947,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Inventory Integration privilege with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N).",Oracle,Hospitality Reporting And Analytics,7.1,HIGH,0.0008900000248104334,false,false,false,false,,false,false,2019-10-16T17:40:55.000Z,0
CVE-2019-2937,https://securityvulnerability.io/vulnerability/CVE-2019-2937,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Admin - Configuration privilege with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0006500000017695129,false,false,false,false,,false,false,2019-10-16T17:40:55.000Z,0
CVE-2019-2936,https://securityvulnerability.io/vulnerability/CVE-2019-2936,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Difficult to exploit vulnerability allows low privileged attacker having Admin - Configuration privilege with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 6.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N).",Oracle,Hospitality Reporting And Analytics,6.8,MEDIUM,0.0006300000241026282,false,false,false,false,,false,false,2019-10-16T17:40:55.000Z,0
CVE-2019-2397,https://securityvulnerability.io/vulnerability/CVE-2019-2397,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Report privilege with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized read access to a subset of Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).",Oracle,Hospitality Reporting And Analytics,4.4,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2019-01-16T19:00:00.000Z,0
CVE-2019-2425,https://securityvulnerability.io/vulnerability/CVE-2019-2425,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized read access to a subset of Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).",Oracle,Hospitality Reporting And Analytics,6.5,MEDIUM,0.0006600000197067857,false,false,false,false,,false,false,2019-01-16T19:00:00.000Z,0
CVE-2019-2413,https://securityvulnerability.io/vulnerability/CVE-2019-2413,,"Vulnerability in the Oracle Reports Developer component of Oracle Fusion Middleware (subcomponent: Valid Session). The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Reports Developer. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Reports Developer, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Reports Developer accessible data as well as unauthorized read access to a subset of Oracle Reports Developer accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Reports Developer,6.1,MEDIUM,0.01689000055193901,false,false,false,false,,false,false,2019-01-16T19:00:00.000Z,0