Skip to main content

Hospitality Cruise Shipboard Property Management System

16 CVEs product

Monthly

CVE-2022-29885 Maven HIGH POC PATCH THREAT This Week

The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Apache Tomcat Debian Linux Hospitality Cruise Shipboard Property Management System
NVD Exploit-DB
CVSS 3.1
7.5
EPSS
73.1%
CVE-2021-42340 Maven HIGH PATCH This Week

The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Tomcat Apache Denial Of Service Hci Management Services For Element Software +15
NVD
CVSS 3.1
7.5
EPSS
11.0%
CVE-2021-33037 Maven MEDIUM PATCH This Month

Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Tomcat Request Smuggling Apache Information Disclosure Tomee +20
NVD
CVSS 3.1
5.3
EPSS
75.4%
CVE-2021-30640 Maven MEDIUM PATCH This Month

A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required.

Tomcat Apache Authentication Bypass Communications Cloud Native Core Policy Communications Diameter Signaling Router +4
NVD
CVSS 3.1
6.5
EPSS
9.9%
CVE-2021-22112 Maven HIGH PATCH This Week

Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Spring Security Communications Element Manager Communications Interactive Session Recorder +4
NVD
CVSS 3.1
8.8
EPSS
3.2%
CVE-2019-10219 Maven MEDIUM POC PATCH This Month

A vulnerability was found in Hibernate-Validator. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Hibernate Validator Fuse Jboss Data Grid Jboss Enterprise Application Platform +184
NVD GitHub
CVSS 3.1
6.1
EPSS
2.2%
CVE-2019-2411 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Hospitality Cruise Shipboard Property Management System
NVD
CVSS 3.0
7.6
EPSS
0.9%
CVE-2019-2410 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: DGS RES Online, FMS Sender, FMS Receiver, OHC WPF. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Oracle Hospitality Cruise Shipboard Property Management System
NVD
CVSS 3.0
5.1
EPSS
0.4%
CVE-2019-2409 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Denial Of Service Oracle Hospitality Cruise Shipboard Property Management System
NVD
CVSS 3.0
6.7
EPSS
0.4%
CVE-2018-3181 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: OHC ENOAD). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Shipboard Property Management System
NVD
CVSS 3.0
5.5
EPSS
0.4%
CVE-2018-3160 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: OHC Admin, OHC Management). Rated high severity (CVSS 7.7), this vulnerability is low attack complexity.

Oracle Information Disclosure Hospitality Cruise Shipboard Property Management System
NVD
CVSS 3.0
7.7
EPSS
0.5%
CVE-2018-3001 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Shipboard Property Management System
NVD
CVSS 3.0
6.2
EPSS
0.5%
CVE-2018-3000 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Shipboard Property Management System
NVD
CVSS 3.0
7.1
EPSS
0.6%
CVE-2018-2621 HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: Mobile Gangway and Mustering). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Shipboard Property Management System
NVD
CVSS 3.0
8.2
EPSS
1.4%
CVE-2017-10361 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: OHC DRS). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Hospitality Cruise Shipboard Property Management System
NVD
CVSS 3.0
6.4
EPSS
0.3%
CVE-2017-10228 MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: Module). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Hospitality Cruise Shipboard Property Management System
NVD
CVSS 3.0
5.4
EPSS
0.2%
EPSS 73% CVSS 7.5
HIGH POC PATCH THREAT This Week

The documentation of Apache Tomcat 10.1.0-M1 to 10.1.0-M14, 10.0.0-M1 to 10.0.20, 9.0.13 to 9.0.62 and 8.5.38 to 8.5.78 for the EncryptInterceptor incorrectly stated it enabled Tomcat clustering to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Denial Of Service Apache Tomcat +2
NVD Exploit-DB
EPSS 11% CVSS 7.5
HIGH PATCH This Week

The fix for bug 63362 present in Apache Tomcat 10.1.0-M1 to 10.1.0-M5, 10.0.0-M1 to 10.0.11, 9.0.40 to 9.0.53 and 8.5.60 to 8.5.71 introduced a memory leak. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Tomcat Apache Denial Of Service +17
NVD
EPSS 75% CVSS 5.3
MEDIUM PATCH This Month

Apache Tomcat 10.0.0-M1 to 10.0.6, 9.0.0.M1 to 9.0.46 and 8.5.0 to 8.5.66 did not correctly parse the HTTP transfer-encoding request header in some circumstances leading to the possibility to request. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This HTTP Request/Response Smuggling vulnerability could allow attackers to manipulate HTTP request interpretation between frontend and backend servers.

Tomcat Request Smuggling Apache +22
NVD
EPSS 10% CVSS 6.5
MEDIUM PATCH This Month

A vulnerability in the JNDI Realm of Apache Tomcat allows an attacker to authenticate using variations of a valid user name and/or to bypass some of the protection provided by the LockOut. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required.

Tomcat Apache Authentication Bypass +6
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

Spring Security 5.4.x prior to 5.4.4, 5.3.x prior to 5.3.8.RELEASE, 5.2.x prior to 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Java Spring Security +6
NVD
EPSS 2% CVSS 6.1
MEDIUM POC PATCH This Month

A vulnerability was found in Hibernate-Validator. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XSS Hibernate Validator Fuse +186
NVD GitHub
EPSS 1% CVSS 7.6
HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Hospitality Cruise Shipboard Property Management System
NVD
EPSS 0% CVSS 5.1
MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: DGS RES Online, FMS Sender, FMS Receiver, OHC WPF. Rated medium severity (CVSS 5.1), this vulnerability is no authentication required, low attack complexity.

Authentication Bypass Oracle Hospitality Cruise Shipboard Property Management System
NVD
EPSS 0% CVSS 6.7
MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Denial Of Service Oracle Hospitality Cruise Shipboard Property Management System
NVD
EPSS 0% CVSS 5.5
MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: OHC ENOAD). Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Shipboard Property Management System
NVD
EPSS 1% CVSS 7.7
HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: OHC Admin, OHC Management). Rated high severity (CVSS 7.7), this vulnerability is low attack complexity.

Oracle Information Disclosure Hospitality Cruise Shipboard Property Management System
NVD
EPSS 1% CVSS 6.2
MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). Rated medium severity (CVSS 6.2), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Shipboard Property Management System
NVD
EPSS 1% CVSS 7.1
HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: SPMS Suite). Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Shipboard Property Management System
NVD
EPSS 1% CVSS 8.2
HIGH PATCH This Week

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: Mobile Gangway and Mustering). Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Oracle Authentication Bypass Hospitality Cruise Shipboard Property Management System
NVD
EPSS 0% CVSS 6.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: OHC DRS). Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity.

Denial Of Service Oracle Hospitality Cruise Shipboard Property Management System
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: Module). Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Oracle Hospitality Cruise Shipboard Property Management System
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy