Oracle

Peoplesoft Enterprise Peopletools

354 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2020-1967

Exploit
  • EPSS 60.77%
  • Veröffentlicht 21.04.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:11:45

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occur...

6.1

CVE-2020-2868

  • EPSS 0.8%
  • Veröffentlicht 15.04.2020 14:15:32
  • Zuletzt bearbeitet 21.11.2024 05:26:29

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Diagnostic Framework). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with...

7.5

CVE-2020-2859

  • EPSS 1.8%
  • Veröffentlicht 15.04.2020 14:15:31
  • Zuletzt bearbeitet 21.11.2024 05:26:28

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: nVision). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network acce...

7.1

CVE-2020-2782

  • EPSS 0.89%
  • Veröffentlicht 15.04.2020 14:15:27
  • Zuletzt bearbeitet 21.11.2024 05:26:15

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access...

6.1

CVE-2020-2797

  • EPSS 0.8%
  • Veröffentlicht 15.04.2020 14:15:27
  • Zuletzt bearbeitet 21.11.2024 05:26:17

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Process Scheduler). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with ne...

5.3

CVE-2020-2775

  • EPSS 1.18%
  • Veröffentlicht 15.04.2020 14:15:26
  • Zuletzt bearbeitet 21.11.2024 05:26:14

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network acces...

8.6

CVE-2020-2776

  • EPSS 1.42%
  • Veröffentlicht 15.04.2020 14:15:26
  • Zuletzt bearbeitet 21.11.2024 05:26:14

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access vi...

6.1

CVE-2020-2751

  • EPSS 0.8%
  • Veröffentlicht 15.04.2020 14:15:25
  • Zuletzt bearbeitet 21.11.2024 05:26:09

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via ...

5.3

CVE-2020-1954

  • EPSS 0.22%
  • Veröffentlicht 01.04.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:11:43

Apache CXF has the ability to integrate with JMX by registering an InstrumentationManager extension with the CXF bus. If the ‘createMBServerConnectorFactory‘ property of the default InstrumentationManagerImpl is not disabled, then it is vulnerable to...

6.1

CVE-2020-9281

  • EPSS 1.19%
  • Veröffentlicht 07.03.2020 01:15:15
  • Zuletzt bearbeitet 21.11.2024 05:40:20

A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax).