Vulnerabilities > Oracle > Peoplesoft Enterprise Peopletools

DATE CVE VULNERABILITY TITLE RISK
2020-05-19 CVE-2020-7656 Cross-site Scripting vulnerability in multiple products
jquery prior to 1.9.0 allows Cross-site Scripting attacks via the load method.
network
low complexity
jquery oracle netapp juniper CWE-79
6.1
2020-04-29 CVE-2020-11022 In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. 6.1
2020-04-27 CVE-2020-9488 Improper Certificate Validation vulnerability in multiple products
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender.
network
high complexity
apache oracle debian qos CWE-295
3.7
2020-04-21 CVE-2020-1967 NULL Pointer Dereference vulnerability in multiple products
Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension.
7.5
2020-04-15 CVE-2020-2868 Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.56/8.57/8.58
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Diagnostic Framework).
network
low complexity
oracle
6.1
2020-04-15 CVE-2020-2859 Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.56/8.57/8.58
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: nVision).
network
low complexity
oracle
7.5
2020-04-15 CVE-2020-2797 Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.56/8.57/8.58
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Process Scheduler).
network
low complexity
oracle
6.1
2020-04-15 CVE-2020-2782 Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.56/8.57/8.58
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query).
network
low complexity
oracle
7.1
2020-04-15 CVE-2020-2776 Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.56/8.57
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security).
network
low complexity
oracle
8.6
2020-04-15 CVE-2020-2775 Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.56/8.57/8.58
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal).
network
low complexity
oracle
5.3