Oracle

Peoplesoft Enterprise Peopletools

339 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2019-2985

  • EPSS 0.8%
  • Published 16.10.2019 18:15:32
  • Last modified 21.11.2024 04:41:55

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Fluid Core). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access ...

6.1

CVE-2019-2915

  • EPSS 0.8%
  • Published 16.10.2019 18:15:28
  • Last modified 21.11.2024 04:41:47

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Fluid Core). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access ...

6.1

CVE-2019-2929

  • EPSS 0.8%
  • Published 16.10.2019 18:15:28
  • Last modified 21.11.2024 04:41:48

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via ...

6.1

CVE-2019-2931

  • EPSS 0.8%
  • Published 16.10.2019 18:15:28
  • Last modified 21.11.2024 04:41:48

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via ...

7.7

CVE-2019-2932

  • EPSS 0.6%
  • Published 16.10.2019 18:15:28
  • Last modified 21.11.2024 04:41:48

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Tree Manager). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows low privileged attacker with network access...

9.8

CVE-2019-17195

  • EPSS 11.34%
  • Published 15.10.2019 14:15:12
  • Last modified 21.11.2024 04:31:50

Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentication bypass.

7.5

CVE-2019-17359

  • EPSS 7.63%
  • Published 08.10.2019 14:15:10
  • Last modified 12.05.2025 17:37:16

The ASN.1 parser in Bouncy Castle Crypto (aka BC Java) 1.63 can trigger a large attempted memory allocation, and resultant OutOfMemoryError error, via crafted ASN.1 data. This is fixed in 1.64.

7.5

CVE-2019-16056

  • EPSS 0.58%
  • Published 06.09.2019 18:15:15
  • Last modified 21.11.2024 04:29:57

An issue was discovered in Python through 2.7.16, 3.x through 3.5.7, 3.6.x through 3.6.9, and 3.7.x through 3.7.4. The email module wrongly parses email addresses that contain multiple @ characters. An application that uses the email module and imple...

7.5

CVE-2019-10086

  • EPSS 0.26%
  • Published 20.08.2019 21:15:12
  • Last modified 21.11.2024 04:18:22

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all Java objects. We, however were not using this by defa...

6.1

CVE-2019-2772

  • EPSS 0.58%
  • Published 23.07.2019 23:15:40
  • Last modified 21.11.2024 04:41:31

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Activity Guide). Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attac...