CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2020-2859
https://notcve.org/view.php?id=CVE-2020-2859
15 Apr 2020 — Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: nVision). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of PeopleSoft Enterprise PeopleTools. CVSS 3.0 Base Score 7.5 (... • https://www.oracle.com/security-alerts/cpuapr2020.html •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-2782
https://notcve.org/view.php?id=CVE-2020-2782
15 Apr 2020 — Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Query). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional product... • https://www.oracle.com/security-alerts/cpuapr2020.html •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2020-2797
https://notcve.org/view.php?id=CVE-2020-2797
15 Apr 2020 — Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Process Scheduler). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additi... • https://www.oracle.com/security-alerts/cpuapr2020.html •
CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 0CVE-2020-2775
https://notcve.org/view.php?id=CVE-2020-2775
15 Apr 2020 — Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). • https://www.oracle.com/security-alerts/cpuapr2020.html •
CVSS: 8.6EPSS: 1%CPEs: 2EXPL: 0CVE-2020-2776
https://notcve.org/view.php?id=CVE-2020-2776
15 Apr 2020 — Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. While the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a ... • https://www.oracle.com/security-alerts/cpuapr2020.html •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-2751
https://notcve.org/view.php?id=CVE-2020-2751
15 Apr 2020 — Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Su... • https://www.oracle.com/security-alerts/cpuapr2020.html •
CVSS: 6.1EPSS: 1%CPEs: 24EXPL: 0CVE-2020-9281 – Ubuntu Security Notice USN-5340-1
https://notcve.org/view.php?id=CVE-2020-9281
07 Mar 2020 — A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax). Una vulnerabilidad de tipo cross-site scripting (XSS) en el HTML Data Processor for CKEditor versiones 4.0 anteriores a 4.14, permite a atacantes remotos inyectar script web arbitrario por medio de un comentario "protected" diseñado (con la sintaxis cke_protected). Kyaw Min Thein discov... • https://github.com/ckeditor/ckeditor4 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-2687
https://notcve.org/view.php?id=CVE-2020-2687
15 Jan 2020 — Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise... • https://www.oracle.com/security-alerts/cpujan2020.html •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-2663
https://notcve.org/view.php?id=CVE-2020-2663
15 Jan 2020 — Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional... • https://www.oracle.com/security-alerts/cpujan2020.html •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2020-2606
https://notcve.org/view.php?id=CVE-2020-2606
15 Jan 2020 — Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional... • https://www.oracle.com/security-alerts/cpujan2020.html •