Vulnerabilities > Oracle > Peoplesoft Enterprise Peopletools
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-15 | CVE-2024-21214 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.59/8.60/8.61 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). | 8.1 |
| 2024-10-15 | CVE-2024-21255 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.59/8.60/8.61 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: XMLPublisher). | 8.8 |
| 2024-07-16 | CVE-2024-21158 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.59/8.60/8.61 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). | 6.4 |
| 2023-01-18 | CVE-2023-21844 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.59/8.60 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search). | 5.4 |
| 2023-01-18 | CVE-2023-21845 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.60 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Panel Processor). | 5.4 |
| 2022-03-16 | CVE-2022-24729 | CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. | 7.5 |
| 2022-03-16 | CVE-2022-24728 | Cross-site Scripting vulnerability in multiple products CKEditor4 is an open source what-you-see-is-what-you-get HTML editor. | 5.4 |
| 2022-03-11 | CVE-2020-36518 | Out-of-bounds Write vulnerability in multiple products jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects. | 7.5 |
| 2022-02-24 | CVE-2021-44531 | Improper Certificate Validation vulnerability in multiple products Accepting arbitrary Subject Alternative Name (SAN) types, unless a PKI is specifically defined to use a particular SAN type, can result in bypassing name-constrained intermediates. | 7.4 |
| 2022-02-24 | CVE-2021-44532 | Improper Certificate Validation vulnerability in multiple products Node.js < 12.22.9, < 14.18.3, < 16.13.2, and < 17.3.1 converts SANs (Subject Alternative Names) to a string format. | 5.3 |