Oracle

Peoplesoft Enterprise Peopletools

347 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2020-28500

Exploit
  • EPSS 0.25%
  • Veröffentlicht 15.02.2021 11:15:12
  • Zuletzt bearbeitet 21.11.2024 05:22:55

Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.

6.8

CVE-2021-2071

  • EPSS 1.23%
  • Veröffentlicht 20.01.2021 15:15:50
  • Zuletzt bearbeitet 21.11.2024 06:02:18

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search). Supported versions that are affected are 8.56, 8.57 and 8.58. Difficult to exploit vulnerability allows unauthenticated attacker with net...

4.6

CVE-2021-2063

  • EPSS 0.15%
  • Veröffentlicht 20.01.2021 15:15:49
  • Zuletzt bearbeitet 21.11.2024 06:02:17

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with logon to the ...

5.8

CVE-2021-2043

  • EPSS 0.58%
  • Veröffentlicht 20.01.2021 15:15:48
  • Zuletzt bearbeitet 21.11.2024 06:02:15

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

9.1

CVE-2021-23926

  • EPSS 0.32%
  • Veröffentlicht 14.01.2021 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:52:03

The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0.

8.1

CVE-2020-28052

Exploit
  • EPSS 3.78%
  • Veröffentlicht 18.12.2020 01:15:12
  • Zuletzt bearbeitet 12.05.2025 17:37:16

An issue was discovered in Legion of the Bouncy Castle BC Java 1.65 and 1.66. The OpenBSDBCrypt.checkPassword utility method compared incorrect data when checking the password, allowing incorrect passwords to indicate they were matching with previous...

7.5

CVE-2020-8286

Exploit
  • EPSS 0.28%
  • Veröffentlicht 14.12.2020 20:15:14
  • Zuletzt bearbeitet 21.11.2024 05:38:39

curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response.

4.3

CVE-2020-8284

  • EPSS 0.13%
  • Veröffentlicht 14.12.2020 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:38:39

A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed,...

7.5

CVE-2020-8285

Exploit
  • EPSS 0.59%
  • Veröffentlicht 14.12.2020 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:38:39

curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing.

3.3

CVE-2020-8908

Exploit
  • EPSS 0.07%
  • Veröffentlicht 10.12.2020 23:15:13
  • Zuletzt bearbeitet 21.11.2024 05:39:40

A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By defau...