CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-10146
https://notcve.org/view.php?id=CVE-2017-10146
08 Aug 2017 — Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Portal). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. While the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update,... • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2017-10251
https://notcve.org/view.php?id=CVE-2017-10251
08 Aug 2017 — Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Test Framework). Supported versions that are affected are 8.54 and 8.55. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where PeopleSoft Enterprise PeopleTools executes to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Ent... • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html •
CVSS: 4.7EPSS: 0%CPEs: 2EXPL: 0CVE-2017-10250
https://notcve.org/view.php?id=CVE-2017-10250
08 Aug 2017 — Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Tuxedo). Supported versions that are affected are 8.54 and 8.55. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where PeopleSoft Enterprise PeopleTools executes to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise ... • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-10021
https://notcve.org/view.php?id=CVE-2017-10021
08 Aug 2017 — Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Search). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact addit... • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html •
CVSS: 8.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-10061 – Oracle Integration Gateway Directory Traversal
https://notcve.org/view.php?id=CVE-2017-10061
21 Jul 2017 — Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. While the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthor... • http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1CVE-2017-10106 – PeopleSoft ToolsRelease 8.55.03 / ToolsReleaseDB 8.55 / HCM 9.2 XSS
https://notcve.org/view.php?id=CVE-2017-10106
21 Jul 2017 — Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Portal). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additiona... • https://packetstorm.news/files/id/143441 •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2017-3520
https://notcve.org/view.php?id=CVE-2017-3520
24 Apr 2017 — Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Fluid Core). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification a... • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2017-3519
https://notcve.org/view.php?id=CVE-2017-3519
24 Apr 2017 — Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Security). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 7... • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html •
CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 0CVE-2017-3527
https://notcve.org/view.php?id=CVE-2017-3527
24 Apr 2017 — Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Fluid Core). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality i... • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.4EPSS: 0%CPEs: 2EXPL: 0CVE-2017-3547
https://notcve.org/view.php?id=CVE-2017-3547
24 Apr 2017 — Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: MultiChannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantl... • http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •