Oracle Hospitality Cruise Fleet Management vulnerabilities

CVE-2018-3158 [HIGH] CVE-2018-3158: Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Appl Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). The supported version that is affected is 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successful at

CVE-2018-3166 [MEDIUM] CVE-2018-3166: Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Appl Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). The supported version that is affected is 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successful

CVE-2018-3163 [MEDIUM] CVE-2018-3163: Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Appl Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). The supported version that is affected is 9.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successful

CVE-2018-3159 [MEDIUM] CVE-2018-3159: Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Appl Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Sender and Receiver). The supported version that is affected is 9.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality Cruise Fleet Management executes to compromise

CVE-2018-2984 [HIGH] CVE-2018-2984: Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitali Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Gangway Activity Web App). The supported version that is affected is 9.x. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management System.

CVE-2018-3002 [HIGH] CVE-2018-3002: Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitali Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite). The supported version that is affected is 9.x. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Hospitality Cruise Fleet Management System

CVE-2018-3003 [MEDIUM] CVE-2018-3003: Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitali Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite). The supported version that is affected is 9.x. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Hospitality Cruise Fleet Management Syst

CVE-2018-2850 [HIGH] CVE-2018-2850: Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitali Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite). The supported version that is affected is 9.x. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Hospitality Cruise Fleet

CVE-2018-2697 [CRITICAL] CVE-2018-2697: Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Appl Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). The supported version that is affected is 9.0.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Succ

CVE-2018-2701 [HIGH] CVE-2018-2701: Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Appl Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). The supported version that is affected is 9.0.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successfu

CVE-2018-2700 [HIGH] CVE-2018-2700: Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Appl Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). The supported version that is affected is 9.0.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successf

CVE-2015-9251 [MEDIUM] CWE-79 CVE-2015-9251: jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax req jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, causing text/javascript responses to be executed.

CVE-2017-10398 [HIGH] CVE-2017-10398: Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Appl Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: BaseMasterPage). The supported version that is affected is 9.0.2.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Hospitality Cruise Fleet Management executes to compromise

CVE-2017-10395 [MEDIUM] CVE-2017-10395: Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Appl Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: GangwayActivityWebApp). The supported version that is affected is 9.0.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successfu

CVE-2017-10397 [MEDIUM] CVE-2017-10397: Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Appl Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: BaseMasterPage). The supported version that is affected is 9.0.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successful atta

CVE-2017-10399 [LOW] CVE-2017-10399: Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Appl Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: GangwayActivityWebApp). The supported version that is affected is 9.0.2.0. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successful

CVE-2017-10226 [HIGH] CVE-2017-10226: Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Appl Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite). The supported version that is affected is 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Success

CVE-2016-7103 [MEDIUM] CWE-79 CVE-2016-7103: Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to Cross-site scripting (XSS) vulnerability in jQuery UI before 1.12.0 might allow remote attackers to inject arbitrary web script or HTML via the closeText parameter of the dialog function.