cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-21133,https://securityvulnerability.io/vulnerability/CVE-2024-21133,Vulnerability in Oracle Reports Developer of Oracle Fusion Middleware,"A vulnerability exists in Oracle Reports Developer, part of the Oracle Fusion Middleware suite, which allows unauthenticated attackers with network access to potentially exploit the system via HTTP. Successful exploitation requires human interaction from a user other than the attacker, which broadens the scope of impact. This vulnerability may allow unauthorized modifications (updates, inserts, or deletions), as well as unauthorized access to certain data subsets available to Oracle Reports Developer. Given its nature, organizations utilizing this component should take proactive measures to mitigate potential risks associated with unauthorized data manipulation and access.",Oracle,Reports Developer,6.1,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-16T23:15:00.000Z,0
CVE-2023-22062,https://securityvulnerability.io/vulnerability/CVE-2023-22062,Oracle Hyperion Financial Reporting Repository Vulnerability,"An easily exploitable vulnerability exists within the Oracle Hyperion Financial Reporting product, specifically in the Repository component. This vulnerability allows low-privileged attackers with network access via HTTP to compromise the Oracle Hyperion Financial Reporting system. Exploitation can lead to unauthorized access to sensitive data and the potential for partial denial of service. Notably, while the vulnerability is centered on Oracle Hyperion Financial Reporting, its exploitation might also have serious implications for related products, expanding the potential attack surface and impact.",Oracle,Hyperion Financial Reporting,8.5,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-07-18T21:15:00.000Z,0
CVE-2023-21826,https://securityvulnerability.io/vulnerability/CVE-2023-21826,Exploitable Vulnerability in Oracle Hospitality Reporting and Analytics by Oracle,"A vulnerability in Oracle Hospitality Reporting and Analytics allows low-privileged attackers with network access via HTTPS to potentially compromise the system. Successful exploitation can lead to unauthorized access to sensitive data, providing attackers with the ability to update, insert, or delete accessible data. This vulnerability also enables attackers to trigger denial of service conditions, causing the application to crash or hang. Note that user interaction is required from a third party, making it crucial for users to remain vigilant.",Oracle,Hospitality Reporting and Analytics,7.6,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-01-18T00:15:00.000Z,0
CVE-2023-21828,https://securityvulnerability.io/vulnerability/CVE-2023-21828,Vulnerability in Oracle Hospitality Reporting and Analytics,"An access control vulnerability exists in the Oracle Hospitality Reporting and Analytics component, part of the broader Oracle Food and Beverage Applications. This vulnerability allows low privileged attackers with network access via HTTPS to exploit the system. Successful exploitation may lead to unauthorized actions, including the creation, deletion, or modification of critical data, potentially compromising sensitive information entirely. This poses significant risks to data confidentiality and integrity, calling for immediate attention from affected users to mitigate potential exploits.",Oracle,Hospitality Reporting and Analytics,8.1,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-01-18T00:15:00.000Z,0
CVE-2021-35665,https://securityvulnerability.io/vulnerability/CVE-2021-35665,Vulnerability in Oracle Hyperion Financial Reporting Repository,"A vulnerability in the Oracle Hyperion Financial Reporting product allows unauthenticated attackers with network access via HTTP to compromise the system. Successful exploits may require human interaction from a user other than the attacker, potentially leading to unauthorized updates, inserts, or deletions of data. Additionally, the vulnerability enables unauthorized read access to certain accessible data within the Hyperion Financial Reporting application. This risk underscores the necessity for robust security practices to protect sensitive financial information.",Oracle,Hyperion Financial Reporting,6.1,MEDIUM,0.0009500000160187483,false,,false,false,false,,,false,false,,2021-10-20T10:51:41.000Z,0
CVE-2021-2395,https://securityvulnerability.io/vulnerability/CVE-2021-2395,Vulnerability in Oracle Hospitality Reporting and Analytics of Oracle Food and Beverage Applications,"A security flaw in Oracle Hospitality Reporting and Analytics within Oracle Food and Beverage Applications allows low-privileged attackers with network access via HTTP to exploit the system. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data, compromising the integrity and confidentiality of all accessible data. This highlights the necessity for organizations using this software to implement robust security measures to mitigate potential threats.",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0006799999973736703,false,,false,false,false,,,false,false,,2021-07-20T22:44:09.000Z,0
CVE-2021-1997,https://securityvulnerability.io/vulnerability/CVE-2021-1997,Unauthorized Access Vulnerability in Oracle Hospitality Reporting and Analytics,"A vulnerability exists in Oracle Hospitality Reporting and Analytics that permits low privileged attackers with network access via HTTP to compromise the system. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data, granting attackers access to sensitive information within the application. The affected version is 9.1.0, and it is crucial for users of Oracle's food and beverage solutions to assess their environments and implement necessary security measures to mitigate potential risks.",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2021-01-20T14:49:59.000Z,0
CVE-2020-14753,https://securityvulnerability.io/vulnerability/CVE-2020-14753,Installation Vulnerability in Oracle Hospitality Reporting and Analytics by Oracle,"A vulnerability exists in the Installation component of Oracle Hospitality Reporting and Analytics, impacting version 9.1.0. This security issue allows a low privileged attacker with access to the system to exploit the vulnerability and potentially gain unauthorized access to sensitive data. An essential aspect of this attack is that it requires human interaction from an individual other than the attacker. While the initial target is Oracle Hospitality Reporting and Analytics, the attack can have further implications on related products, exposing critical data and compromising data integrity.",Oracle,Hospitality Reporting And Analytics,5.9,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-10-21T14:04:23.000Z,0
CVE-2020-14616,https://securityvulnerability.io/vulnerability/CVE-2020-14616,Unauthorized Data Access Vulnerability in Oracle Hospitality Reporting and Analytics,"An unauthorized access vulnerability exists in Oracle Hospitality Reporting and Analytics, specifically in the Reporting component. This flaw can be exploited by attackers with high privileges and network access via HTTP. Successful exploitation can lead to unauthorized read access to sensitive data within Oracle Hospitality Reporting and Analytics, potentially compromising data confidentiality for users. Organizations using the affected version must implement security measures to safeguard against these risks.",Oracle,Hospitality Reporting And Analytics,2.7,LOW,0.000539999979082495,false,,false,false,false,,,false,false,,2020-07-15T17:34:30.000Z,0
CVE-2020-14594,https://securityvulnerability.io/vulnerability/CVE-2020-14594,High Privilege Vulnerability in Oracle Hospitality Reporting and Analytics,"A significant vulnerability exists in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications, specifically concerning Inventory Integration. This flaw can be exploited by an attacker with high privileges who has the ability to log on to the infrastructure where the application operates. It allows them to potentially compromise the entire reporting and analytics system. Successfully executing an attack requires the interaction of a separate individual, thus highlighting the importance of user awareness and security protocols. If exploited, the attacker may gain control over the Oracle Hospitality Reporting and Analytics system, posing severe risks to data confidentiality, integrity, and availability.",Oracle,Hospitality Reporting And Analytics,6.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-07-15T17:34:29.000Z,0
CVE-2020-14561,https://securityvulnerability.io/vulnerability/CVE-2020-14561,Vulnerability in Oracle Hospitality Reporting and Analytics by Oracle,"An exploitable vulnerability exists in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The affected version, 9.1.0, can be compromised by a low-privileged attacker who has access to the infrastructure where the application runs. Successful exploitation necessitates human interaction from an external individual. This vulnerability poses risks including unauthorized access that can lead to a complete takeover of the Oracle Hospitality Reporting and Analytics system.",Oracle,Hospitality Reporting And Analytics,7.3,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-07-15T17:34:27.000Z,0
CVE-2020-14543,https://securityvulnerability.io/vulnerability/CVE-2020-14543,Vulnerability in Oracle Food and Beverage Applications Affects Hospitality Reporting and Analytics,"A vulnerability exists within Oracle Hospitality Reporting and Analytics that could allow a low-privileged attacker, with their own login credentials, to exploit the system. This exploitation requires a third party's interaction and could result in unauthorized access, thereby compromising the integrity and confidentiality of the application. Affected users should take immediate action to mitigate potential threats and protect sensitive data.",Oracle,Hospitality Reporting And Analytics,7.3,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-07-15T17:34:26.000Z,0
CVE-2020-2769,https://securityvulnerability.io/vulnerability/CVE-2020-2769,Web-Based Report Designer Vulnerability in Oracle Hyperion Financial Reporting,"In Oracle Hyperion Financial Reporting, a vulnerability exists in the Web-Based Report Designer component that can be exploited by an attacker with high privileges and network access. This security flaw allows for unauthorized read access to certain subsets of data within Hyperion Financial Reporting, provided the attacker can induce human interaction from another individual. This vulnerability presents a risk to sensitive financial reporting data, making it essential for organizations to assess their exposure and implement appropriate security measures.",Oracle,Hyperion Financial Reporting,2.4,LOW,0.000539999979082495,false,,false,false,false,,,false,false,,2020-04-15T13:29:45.000Z,0
CVE-2020-2746,https://securityvulnerability.io/vulnerability/CVE-2020-2746,Vulnerability in Oracle Hospitality Reporting and Analytics Component of Oracle Food and Beverage Applications,"A flaw in Oracle Hospitality Reporting and Analytics allows a low privileged attacker with administrative privileges and network access via HTTP to exploit the system. This vulnerability enables unauthorized users to create, delete, or modify critical data within the application. Such exploitations can lead to significant security breaches, resulting in unauthorized access to sensitive data. As a consequence, the compromised data integrity and confidentiality can pose severe risks to organizations relying on these applications for their operational needs. It is crucial for users to apply necessary patches and safeguards to mitigate the risk associated with this vulnerability.",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-04-15T13:29:44.000Z,0
CVE-2020-2534,https://securityvulnerability.io/vulnerability/CVE-2020-2534,Security Vulnerability in Oracle Reports Developer of Oracle Fusion Middleware,"This vulnerability in Oracle Reports Developer of Oracle Fusion Middleware allows unauthenticated attackers with network access via HTTP to exploit the system. Although the vulnerability specifically exists within Oracle Reports Developer, successful exploits may lead to unauthorized updates, inserts, or deletions of data, as well as unauthorized read access to sensitive information. To successfully exploit this vulnerability, human interaction from a user other than the attacker is required. This raises significant security concerns for various applications that integrate with Oracle Reports Developer.",Oracle,Reports Developer,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-01-15T16:33:59.000Z,0
CVE-2020-2533,https://securityvulnerability.io/vulnerability/CVE-2020-2533,Unauthorized Access Vulnerability in Oracle Reports Developer by Oracle,"This vulnerability in Oracle Reports Developer, a component of Oracle Fusion Middleware, exposes a significant security risk. It allows unauthenticated attackers with network access to compromise the product via HTTP. Successful exploitation necessitates human interaction from a third party, thereby heightening the risk of unauthorized updates, data modifications, or deletions. While primarily affecting Oracle Reports Developer, the ramifications could extend to other interconnected products, leading to unauthorized access to sensitive data.",Oracle,Reports Developer,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2020-01-15T16:33:59.000Z,0
CVE-2019-2959,https://securityvulnerability.io/vulnerability/CVE-2019-2959,Security Flaw in Oracle Hyperion Financial Reporting by Oracle,"A vulnerability exists in Oracle Hyperion Financial Reporting, specifically in the security models component, which can be exploited by a high privileged attacker with network access via HTTP. The flaw may lead to unauthorized creation, deletion, or modification of critical data within the Hyperion environment. Successful exploitation requires human interaction from an individual other than the attacker, introducing an element of social engineering into the threat landscape. Attackers may manipulate the integrity of all accessible data in Hyperion Financial Reporting, emphasizing the need for improved security measures and user awareness.",Oracle,Hyperion Financial Reporting,4.2,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2019-10-16T17:40:56.000Z,0
CVE-2019-2952,https://securityvulnerability.io/vulnerability/CVE-2019-2952,Vulnerability in Oracle Hospitality Reporting and Analytics for Food and Beverage Applications,"This vulnerability exists within the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications, specifically in version 9.1.0. It enables an unauthenticated attacker with network access via HTTP to compromise the system. Although the exploit requires human interaction from someone other than the attacker, it poses a significant risk by allowing unauthorized updates, inserts, or deletions of accessible data. Additionally, the exploit can lead to unauthorized reading of certain data within the system, potentially impacting the data integrity and confidentiality across associated products.",Oracle,Hospitality Reporting And Analytics,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2019-10-16T17:40:56.000Z,0
CVE-2019-2937,https://securityvulnerability.io/vulnerability/CVE-2019-2937,Exploitable Vulnerability in Oracle Food and Beverage Applications Reporting and Analytics,"An exploitable vulnerability exists within the Reporting and Analytics component of Oracle's Food and Beverage Applications. This security flaw allows a low-privileged attacker with Admin - Configuration privileges and network access via HTTP to manipulate the affected system. Successful exploitation can lead to unauthorized creation, deletion, or modification of critical data, granting the attacker extensive access to sensitive information. Entities using version 9.1.0 must take immediate actions to secure their environments to mitigate potential risks.",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2019-10-16T17:40:55.000Z,0
CVE-2019-2936,https://securityvulnerability.io/vulnerability/CVE-2019-2936,Vulnerability in Oracle Hospitality Reporting and Analytics Component,"A vulnerability exists in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications, specifically version 9.1.0. This flaw can be exploited by an attacker with low privileges who has Admin - Configuration rights and network access via HTTP. By leveraging this vulnerability, the attacker could unauthorizedly create, delete, or modify access to critical data within Oracle Hospitality Reporting and Analytics, leading to potential information exposure and integrity issues. Such exploitation poses significant risks to sensitive operational data and overall system integrity.",Oracle,Hospitality Reporting And Analytics,6.8,MEDIUM,0.0006300000241026282,false,,false,false,false,,,false,false,,2019-10-16T17:40:55.000Z,0
CVE-2019-2934,https://securityvulnerability.io/vulnerability/CVE-2019-2934,Vulnerability in Oracle Hospitality Reporting and Analytics Affects Oracle Food and Beverage Applications,"A vulnerability exists in the Oracle Hospitality Reporting and Analytics component, which allows low privileged attackers with Admin - Configuration privileges to exploit the system via HTTP. This could potentially lead to unauthorized creation, modification, or deletion of critical data, compromising the integrity and confidentiality of all accessible data within Oracle Hospitality Reporting and Analytics.",Oracle,Hospitality Reporting And Analytics,8.1,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2019-10-16T17:40:55.000Z,0
CVE-2019-2947,https://securityvulnerability.io/vulnerability/CVE-2019-2947,SQL Injection Vulnerability in Oracle Hospitality Reporting and Analytics,"A SQL injection vulnerability exists within the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. This flaw allows a low privileged attacker with Inventory Integration privileges and network access through HTTP to manipulate the system. If exploited, this could lead to unauthorized access to sensitive information, including critical data, as well as potential unauthorized updates, inserts, or deletions of accessible records. Organizations using the affected version should take immediate steps to mitigate this risk to safeguard their data and ensure system integrity.",Oracle,Hospitality Reporting And Analytics,7.1,HIGH,0.0008900000248104334,false,,false,false,false,,,false,false,,2019-10-16T17:40:55.000Z,0
CVE-2019-2413,https://securityvulnerability.io/vulnerability/CVE-2019-2413,,"Vulnerability in the Oracle Reports Developer component of Oracle Fusion Middleware (subcomponent: Valid Session). The supported version that is affected is 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Reports Developer. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Reports Developer, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Reports Developer accessible data as well as unauthorized read access to a subset of Oracle Reports Developer accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Reports Developer,6.1,MEDIUM,0.01689000055193901,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2019-2425,https://securityvulnerability.io/vulnerability/CVE-2019-2425,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized read access to a subset of Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).",Oracle,Hospitality Reporting And Analytics,6.5,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0
CVE-2019-2407,https://securityvulnerability.io/vulnerability/CVE-2019-2407,,"Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.1.0. Easily exploitable vulnerability allows low privileged attacker having Report privilege with logon to the infrastructure where Oracle Hospitality Reporting and Analytics executes to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N).",Oracle,Hospitality Reporting And Analytics,6.1,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2019-01-16T19:00:00.000Z,0