Page 64 of 345 results (0.028 seconds)

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2016-0471

https://notcve.org/view.php?id=CVE-2016-0471

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote attackers to affect confidentiality via unknown vectors related to Multichannel Framework. Vulnerabilidad no especificada en el componente PeopleSoft Enterprise PeopleTools en Oracle PeopleSoft Products 8.53 y 8.54 permite a atacantes remotos afectar a la confidencialidad a través de vectores desconocidos relacionados con Multichannel Framework. • http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html http://www.securitytracker.com/id/1034720 •

CVSS: 5.0EPSS: 0%CPEs: 12EXPL: 0

CVE-2015-7940 – bouncycastle: Invalid curve attack allowing to extract private keys

https://notcve.org/view.php?id=CVE-2015-7940

The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack." La librería Bouncy Castle Java en versiones anteriores a 1.51 no valida un punto que se encuentra dentro de la curva elíptica, lo que facilita a atacantes remotos obtener claves privadas a través de una serie de intercambios de clave de curva elíptica Diffie Hellman (ECDH) manipulados, también conocida como un 'ataque de curva no válida'. It was found that bouncycastle is vulnerable to an invalid curve attack. An attacker could extract private keys used in elliptic curve cryptography with a few thousand queries. • http://lists.fedoraproject.org/pipermail/package-announce/2016-January/174915.html http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00012.html http://rhn.redhat.com/errata/RHSA-2016-2035.html http://rhn.redhat.com/errata/RHSA-2016-2036.html http://web-in-security.blogspot.ca/2015/09/practical-invalid-curve-attacks.html http://www.debian.org/security/2015/dsa-3417 http://www.openwall.com/lists/oss-security/2015/10/22/7 http://www.openwall.com/lists/oss-security • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-310: Cryptographic Issues CWE-358: Improperly Implemented Security Check for Standard •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2013-3761

https://notcve.org/view.php?id=CVE-2013-3761

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products Portal 9.1 and PeopleTools 8.52 allows remote attackers to affect integrity via vectors related to PIA Core Technology. Vulnerabilidad no especificada en el componente PeopleSoft Enterprise PeopleTools en Oracle PeopleSoft Products Portal v9.1 y PeopleTools v8.52 permite a atacantes remotos afectar la integridad mediante vectores relacionados con PIA Core Technology. • http://secunia.com/advisories/54233 http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html http://www.securityfocus.com/bid/61251 https://exchange.xforce.ibmcloud.com/vulnerabilities/85683 •

CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0

CVE-2013-3759

https://notcve.org/view.php?id=CVE-2013-3759

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.52 and 8.53 allows remote attackers to affect integrity via vectors related to PIA Search Functionality. Vulnerabilidad sin especificar en el componente PeopleSoft Enterprise PeopleTools en Oracle PeopleSoft Products 8.52 y 8.53, permite a atacantes remotos comprometer la integridad a través de vectores desconocidos relacionados con PIA Search Functionality. • http://osvdb.org/95297 http://secunia.com/advisories/54233 http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html http://www.securityfocus.com/bid/61255 https://exchange.xforce.ibmcloud.com/vulnerabilities/85684 •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

CVE-2013-2409

https://notcve.org/view.php?id=CVE-2013-2409

Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.51, 8.52, and 8.53 allows remote attackers to affect confidentiality via vectors related to PIA Core Technology. Vulnerabilidad no especificada en el componente PeopleSoft Enterprise PeopleTools de Oracle PeopleSoft productos v8.51, v8.52, y v8.53 que permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con el PIA Core Technology. • http://www.mandriva.com/security/advisories?name=MDVSA-2013:150 http://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html •