Vulnerabilities > Oracle > Peoplesoft Enterprise Peopletools > 8.58
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-12-10 | CVE-2020-8908 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). | 3.3 |
| 2020-12-08 | CVE-2020-1971 | NULL Pointer Dereference vulnerability in multiple products The X.509 GeneralName type is a generic type for representing different types of names. | 5.9 |
| 2020-12-02 | CVE-2020-13956 | Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. | 5.3 |
| 2020-11-12 | CVE-2020-27193 | Cross-site Scripting vulnerability in multiple products A cross-site scripting (XSS) vulnerability in the Color Dialog plugin for CKEditor 4.15.0 allows remote attackers to run arbitrary web script after persuading a user to copy and paste crafted HTML code into one of editor inputs. | 6.1 |
| 2020-09-09 | CVE-2020-1968 | Information Exposure Through Discrepancy vulnerability in multiple products The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. | 3.7 |
| 2020-09-04 | CVE-2020-24977 | Out-of-bounds Read vulnerability in multiple products GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. | 6.5 |
| 2020-07-27 | CVE-2020-7017 | Cross-site Scripting vulnerability in multiple products In Kibana versions before 6.8.11 and 7.8.1 the region map visualization in contains a stored XSS flaw. | 6.7 |
| 2020-07-27 | CVE-2020-7016 | Resource Exhaustion vulnerability in multiple products Kibana versions before 6.8.11 and 7.8.1 contain a denial of service (DoS) flaw in Timelion. | 4.8 |
| 2020-07-15 | CVE-2020-14627 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.56/8.57/8.58 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). | 6.1 |
| 2020-07-15 | CVE-2020-14600 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.56/8.57/8.58 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). | 4.3 |