Skip to main content

Hospitality Opera 5

8 CVEs product

Monthly

CVE-2026-21967 HIGH This Week

Hospitality Opera 5 versions up to 5.6.19.23 contains a vulnerability that allows attackers to unauthorized access to critical data or complete access to all Oracle Hospitalit (CVSS 8.6).

Oracle Denial Of Service Hospitality Opera 5
NVD
CVSS 3.1
8.6
EPSS
0.1%
CVE-2026-21966 MEDIUM This Month

Hospitality Opera 5 versions up to 5.6.19.23 contains a vulnerability that allows attackers to unauthorized update, insert or delete access to some of Oracle Hospitality OPERA (CVSS 6.1).

Oracle Hospitality Opera 5
NVD
CVSS 3.1
6.1
EPSS
0.0%
CVE-2025-21547 CRITICAL This Week

Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Opera Servlet). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Denial Of Service Hospitality Opera 5
NVD
CVSS 3.1
9.1
EPSS
0.5%
CVE-2024-21172 CRITICAL Act Now

Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Opera Servlet). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Oracle Hospitality Opera 5
NVD
CVSS 3.1
9.0
EPSS
0.5%
CVE-2021-2351 HIGH POC PATCH This Week

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Oracle Information Disclosure Advanced Networking Option Agile Engineering Data Management Agile Plm +108
NVD
CVSS 3.1
8.3
EPSS
2.5%
CVE-2020-17530 Maven CRITICAL POC KEV PATCH THREAT Act Now

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Apache RCE Struts Business Intelligence Communications Diameter Intelligence Hub +5
NVD GitHub
CVSS 3.1
9.8
EPSS
95.9%
CVE-2020-17521 Maven MEDIUM PATCH This Month

Apache Groovy provides extension methods to aid with creating temporary directories. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Apache Java Information Disclosure Groovy Snapcenter +19
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2019-10086 Maven HIGH PATCH This Week

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Java Apache Deserialization Commons Beanutils Nifi +58
NVD
CVSS 3.1
7.3
EPSS
28.8%
EPSS 0% CVSS 8.6
HIGH This Week

Hospitality Opera 5 versions up to 5.6.19.23 contains a vulnerability that allows attackers to unauthorized access to critical data or complete access to all Oracle Hospitalit (CVSS 8.6).

Oracle Denial Of Service Hospitality Opera 5
NVD
EPSS 0% CVSS 6.1
MEDIUM This Month

Hospitality Opera 5 versions up to 5.6.19.23 contains a vulnerability that allows attackers to unauthorized update, insert or delete access to some of Oracle Hospitality OPERA (CVSS 6.1).

Oracle Hospitality Opera 5
NVD
EPSS 0% CVSS 9.1
CRITICAL This Week

Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Opera Servlet). Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Oracle Denial Of Service +1
NVD
EPSS 0% CVSS 9.0
CRITICAL Act Now

Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Opera Servlet). Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Oracle Hospitality Opera 5
NVD
EPSS 2% CVSS 8.3
HIGH POC PATCH This Week

Vulnerability in the Advanced Networking Option component of Oracle Database Server. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, no authentication required. Public exploit code available.

Oracle Information Disclosure Advanced Networking Option +110
NVD
EPSS 96% CVSS 9.8
CRITICAL POC KEV PATCH THREAT Act Now

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.

Apache RCE Struts +7
NVD GitHub
EPSS 1% CVSS 5.5
MEDIUM PATCH This Month

Apache Groovy provides extension methods to aid with creating temporary directories. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.

Apache Java Information Disclosure +21
NVD
EPSS 29% CVSS 7.3
HIGH PATCH This Week

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Java Apache Deserialization +60
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy