Peoplesoft Enterprise Peopletools

DATE	CVE	VULNERABILITY TITLE	RISK
2021-07-21	CVE-2021-2351	Session Fixation vulnerability in Oracle products Vulnerability in the Advanced Networking Option component of Oracle Database Server. network high complexity oracle CWE-384	8.3
2021-07-21	CVE-2021-2377	Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.57/8.58/8.59 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: SQR). network low complexity oracle	4.3
2021-07-21	CVE-2021-2407	Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.57/8.58/8.59 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). network low complexity oracle	5.3
2021-07-13	CVE-2021-35515	Infinite Loop vulnerability in multiple products When reading a specially crafted 7Z archive, the construction of the list of codecs that decompress an entry can result in an infinite loop. network low complexity apache netapp oracle CWE-835	7.5
2021-07-13	CVE-2021-35516	Allocation of Resources Without Limits or Throttling vulnerability in multiple products When reading a specially crafted 7Z archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. network low complexity apache netapp oracle CWE-770	7.5
2021-07-13	CVE-2021-35517	Allocation of Resources Without Limits or Throttling vulnerability in multiple products When reading a specially crafted TAR archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. network low complexity apache netapp oracle CWE-770	7.5
2021-07-13	CVE-2021-36090	When reading a specially crafted ZIP archive, Compress can be made to allocate large amounts of memory that finally leads to an out of memory error even for very small inputs. network low complexity apache oracle netapp	7.5
2021-05-19	CVE-2021-3517	Out-of-bounds Write vulnerability in multiple products There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. network low complexity xmlsoft redhat fedoraproject debian netapp oracle CWE-787	8.6
2021-05-18	CVE-2021-3518	Use After Free vulnerability in multiple products There's a flaw in libxml2 in versions before 2.9.11. network low complexity xmlsoft debian redhat fedoraproject netapp oracle CWE-416	8.8
2021-05-14	CVE-2021-3537	NULL Pointer Dereference vulnerability in multiple products A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. network high complexity xmlsoft redhat debian fedoraproject netapp oracle CWE-476	5.9