Vulnerabilities > Oracle > Peoplesoft Enterprise Peopletools > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-11-17 | CVE-2021-41165 | CKEditor4 is an open source WYSIWYG HTML editor. | 5.4 |
2021-11-17 | CVE-2021-41164 | CKEditor4 is an open source WYSIWYG HTML editor. | 5.4 |
2021-10-26 | CVE-2021-41182 | jQuery-UI is the official jQuery user interface library. | 6.1 |
2021-10-26 | CVE-2021-41183 | jQuery-UI is the official jQuery user interface library. | 6.1 |
2021-10-26 | CVE-2021-41184 | jQuery-UI is the official jQuery user interface library. | 6.1 |
2021-10-20 | CVE-2021-35595 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.57/8.58/8.59 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Business Interlink). | 6.1 |
2021-10-20 | CVE-2021-35609 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.57/8.58/8.59 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: SQR). | 6.5 |
2021-10-20 | CVE-2021-35568 | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.57/8.58/8.59 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Rich Text Editor). | 6.1 |
2021-09-29 | CVE-2021-22947 | Insufficient Verification of Data Authenticity vulnerability in multiple products When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. | 5.9 |
2021-08-16 | CVE-2021-22939 | Improper Certificate Validation vulnerability in multiple products If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no error was returned and connections to servers with an expired certificate would have been accepted. | 5.3 |