cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-21154,https://securityvulnerability.io/vulnerability/CVE-2024-21154,Vulnerability in PeopleSoft Enterprise HCM Human Resources by Oracle,"This vulnerability exists in Oracle's PeopleSoft Enterprise HCM Human Resources product, allowing low-privileged attackers with network access through HTTP to potentially gain unauthorized read access to sensitive data. The supported version affected is 9.2, making it crucial for organizations to patch this vulnerability to protect their data integrity and confidentiality.",Oracle,Peoplesoft Enterprise Hcm Human Resources,4.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-16T23:15:00.000Z,0
CVE-2023-22009,https://securityvulnerability.io/vulnerability/CVE-2023-22009,Vulnerability in Oracle E-Business Suite's Human Resources Component,"A vulnerability exists within the Oracle Self-Service Human Resources component of Oracle E-Business Suite, specifically within Workforce Management. An attacker with low privileges and network access through HTTP can exploit this vulnerability, leading to unauthorized read access to certain data within Oracle Self-Service Human Resources. This situation raises concerns over data confidentiality and requires immediate attention by affected users and organizations.",Oracle,Self-service Human Resources,4.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-07-18T21:15:00.000Z,0
CVE-2023-21992,https://securityvulnerability.io/vulnerability/CVE-2023-21992,Vulnerability in Oracle PeopleSoft Enterprise HCM Human Resources Product,"A vulnerability exists within Oracle’s PeopleSoft Enterprise HCM Human Resources product in the Administer Workforce component. This flaw allows low-privileged attackers with network access via HTTP to exploit the system. Successful exploitation can lead to unauthorized modifications, including updates, inserts, or deletions of accessible data within the application. Additionally, it poses a risk of unauthorized read access to sensitive data. Ensuring proper access controls is critical to safeguarding against potential unauthorized activities.",Oracle,Peoplesoft Enterprise Hcm Human Resources,5.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2023-21834,https://securityvulnerability.io/vulnerability/CVE-2023-21834,SQL Injection Vulnerability in Oracle Self-Service Human Resources by Oracle,"An SQL Injection vulnerability exists in the Oracle Self-Service Human Resources component of the Oracle E-Business Suite, specifically in versions 12.2.3 to 12.2.12. This vulnerability can be exploited by an attacker with low privileges who has network access via HTTP. It allows unauthorized access to modify, add, or delete data within the application, posing a significant risk to the integrity of sensitive information.",Oracle,Self-Service Human Resources,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2023-01-18T00:15:00.000Z,0
CVE-2021-2365,https://securityvulnerability.io/vulnerability/CVE-2021-2365,Access Control Vulnerability in Oracle E-Business Suite Human Resources,"A vulnerability exists in the Oracle Human Resources component of the Oracle E-Business Suite that could be exploited by low-privileged attackers with network access via HTTP. Successful exploitation of this vulnerability could enable unauthorized users to create, delete, or modify critical data. This compromise may lead to complete unauthorized access to all data managed by the Oracle Human Resources module, posing significant risks to data confidentiality and integrity.",Oracle,Human Resources,8.1,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2021-07-20T22:43:42.000Z,0
CVE-2021-2260,https://securityvulnerability.io/vulnerability/CVE-2021-2260,Unauthorized Access in Oracle Human Resources Product by Oracle,"A vulnerability in Oracle's Human Resources product associated with the E-Business Suite, specifically within the iRecruitment component, allows an attacker with low privileges to exploit the system via HTTP. This could lead to unauthorized creation, deletion, and modification of critical data within Oracle Human Resources, granting the attacker access to sensitive information. Organizations utilizing version 12.1.3 should take precautions to secure their systems against this flaw.",Oracle,Human Resources,8.1,HIGH,0.0009399999980814755,false,,false,false,false,,,false,false,,2021-04-22T21:53:56.000Z,0
CVE-2020-2956,https://securityvulnerability.io/vulnerability/CVE-2020-2956,Vulnerability in Oracle E-Business Suite's Human Resources Component,"A vulnerability affects the Oracle Human Resources component within the Oracle E-Business Suite, specifically its Hierarchy Diagrammers. It allows an attacker with low privileges and network access via HTTP to exploit the weakness. Successful exploitation can enable unauthorized actions such as creating, deleting, or modifying sensitive data, jeopardizing the integrity and confidentiality of all accessible information within Oracle Human Resources. Organizations using supported versions 12.1.1 to 12.1.3 and 12.2.3 to 12.2.9 are encouraged to assess their systems and apply relevant patches to safeguard against potential threats.",Oracle,Human Resources,8.1,HIGH,0.09847000241279602,false,,false,false,false,,,false,false,,2020-04-15T13:29:54.000Z,0
CVE-2020-2882,https://securityvulnerability.io/vulnerability/CVE-2020-2882,Vulnerability in Oracle Human Resources Product of Oracle E-Business Suite,"A vulnerability exists in the Oracle Human Resources component of Oracle E-Business Suite, affecting versions 12.1.1 to 12.1.3 and 12.2.3 to 12.2.9. This flaw allows a low-privileged attacker with network access via HTTP to exploit the system and potentially gain unauthorized access to critical data. Successful exploitation can lead to unauthorized creation, deletion, or modification of vital HR data, thereby compromising the integrity and confidentiality of the information accessible within the Oracle Human Resources module.",Oracle,Human Resources,8.1,HIGH,0.10445000231266022,false,,false,false,false,,,false,false,,2020-04-15T13:29:50.000Z,0
CVE-2020-2772,https://securityvulnerability.io/vulnerability/CVE-2020-2772,Vulnerability in Oracle E-Business Suite Human Resources Application,"A vulnerability exists in the Absence Recording and Maintenance component of the Oracle Human Resources product within Oracle E-Business Suite. This flaw allows a low-privileged attacker, with access to the network via HTTP, to exploit the system. Successful exploitation necessitates human interaction from an individual other than the attacker. While the vulnerability resides in Oracle Human Resources, the repercussions of such attacks can extend to other products within the suite. Attackers may gain unauthorized capabilities, resulting in the potential for updates, insertions, or deletions of sensitive data, posing significant risks to database integrity.",Oracle,Human Resources,4.1,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-04-15T13:29:45.000Z,0
CVE-2020-2587,https://securityvulnerability.io/vulnerability/CVE-2020-2587,Vulnerability in Oracle E-Business Suite Human Resources Component by Oracle,"This vulnerability in the Oracle Human Resources component of the Oracle E-Business Suite presents an exploit risk for low-privileged attackers with network access via HTTPS. It could lead to unauthorized actions, such as the creation, deletion, or modification of critical data. Moreover, successful exploitation could allow complete access to Oracle Human Resources data as well as the potential to cause operational disruptions. Attackers leveraging this vulnerability may significantly impact the confidentiality, integrity, and availability of sensitive information across associated Oracle products.",Oracle,Human Resources,9.9,CRITICAL,0.0185100007802248,false,,false,false,false,,,false,false,,2020-01-15T16:34:02.000Z,0
CVE-2020-2586,https://securityvulnerability.io/vulnerability/CVE-2020-2586,Oracle E-Business Suite Vulnerability in Human Resources Product,"A vulnerability exists in the Oracle Human Resources component of the Oracle E-Business Suite, affecting multiple supported versions. This flaw allows a low-privileged attacker with network access via HTTPS to exploit the system, potentially leading to unauthorized actions such as creation, deletion, or modification of critical data. The impact of this vulnerability extends to additional products, posing serious risks, including unauthorized access to sensitive information and the ability to induce a partial denial of service. Organizations using affected versions of Oracle E-Business Suite should prioritize immediate updates and implement security measures to mitigate risks associated with this vulnerability.",Oracle,Human Resources,9.9,CRITICAL,0.0185100007802248,false,,false,false,false,,,false,false,,2020-01-15T16:34:02.000Z,0
CVE-2020-2561,https://securityvulnerability.io/vulnerability/CVE-2020-2561,Unauthorized Access Vulnerability in Oracle PeopleSoft HCM,"An unauthorized access vulnerability exists in the Oracle PeopleSoft Enterprise HCM Human Resources product, specifically within the Company Directory / Org Chart Viewer component. This vulnerability allows low privileged attackers with network access via HTTP to compromise the system, potentially leading to unauthorized read access to sensitive data. Affected users of PeopleSoft Enterprise HCM 9.2 should be aware of this risk, as it can expose confidential information and compromise data integrity.",Oracle,Peoplesoft Enterprise Hcm Human Resources,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-01-15T16:34:01.000Z,0
CVE-2019-2951,https://securityvulnerability.io/vulnerability/CVE-2019-2951,Network Vulnerability in Oracle PeopleSoft HCM Human Resources,"A vulnerability exists in the Oracle PeopleSoft Enterprise HCM Human Resources product that allows low privileged attackers to exploit network access via HTTP. Affected users of version 9.2 may face unauthorized read access to sensitive data. This flaw highlights potential security risks associated with network communications, emphasizing the importance of securing web-accessible applications to prevent data breaches.",Oracle,Peoplesoft Enterprise Hcm Human Resources,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2019-10-16T17:40:56.000Z,0
CVE-2018-3068,https://securityvulnerability.io/vulnerability/CVE-2018-3068,,"Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products (subcomponent: Compensation). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM Human Resources. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise HCM Human Resources, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise HCM Human Resources accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise HCM Human Resources accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Peoplesoft Enterprise Hcm Human Resources,6.1,MEDIUM,0.0011099999537691474,false,,false,false,false,,,false,false,,2018-07-18T13:00:00.000Z,0
CVE-2018-2868,https://securityvulnerability.io/vulnerability/CVE-2018-2868,,"Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Human Resources. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Human Resources accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",Oracle,Human Resources,5.3,MEDIUM,0.0013099999632686377,false,,false,false,false,,,false,false,,2018-04-19T02:00:00.000Z,0
CVE-2018-2871,https://securityvulnerability.io/vulnerability/CVE-2018-2871,,"Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Human Resources. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Human Resources accessible data as well as unauthorized access to critical data or complete access to all Oracle Human Resources accessible data. CVSS 3.0 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).",Oracle,Human Resources,9.1,CRITICAL,0.0022499999031424522,false,,false,false,false,,,false,false,,2018-04-19T02:00:00.000Z,0
CVE-2018-2869,https://securityvulnerability.io/vulnerability/CVE-2018-2869,,"Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Human Resources. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Human Resources accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",Oracle,Human Resources,5.3,MEDIUM,0.0013099999632686377,false,,false,false,false,,,false,false,,2018-04-19T02:00:00.000Z,0
CVE-2018-2870,https://securityvulnerability.io/vulnerability/CVE-2018-2870,,"Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Human Resources. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Human Resources accessible data as well as unauthorized access to critical data or complete access to all Oracle Human Resources accessible data. CVSS 3.0 Base Score 9.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N).",Oracle,Human Resources,9.1,CRITICAL,0.0022499999031424522,false,,false,false,false,,,false,false,,2018-04-19T02:00:00.000Z,0
CVE-2018-2654,https://securityvulnerability.io/vulnerability/CVE-2018-2654,,"Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products (subcomponent: Company Dir / Org Chart Viewer). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM Human Resources. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise HCM Human Resources, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise HCM Human Resources accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise HCM Human Resources accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Peoplesoft Enterprise Hcm Human Resources,6.1,MEDIUM,0.001290000043809414,false,,false,false,false,,,false,false,,2018-01-18T02:00:00.000Z,0
CVE-2018-2681,https://securityvulnerability.io/vulnerability/CVE-2018-2681,,"Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products (subcomponent: Security). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM Human Resources. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise HCM Human Resources accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise HCM Human Resources accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).",Oracle,Peoplesoft Enterprise Hcm Human Resources,5.4,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2018-01-18T02:00:00.000Z,0
CVE-2017-10306,https://securityvulnerability.io/vulnerability/CVE-2017-10306,,"Vulnerability in the PeopleSoft Enterprise HCM component of Oracle PeopleSoft Products (subcomponent: Security). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise HCM accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise HCM accessible data. CVSS 3.0 Base Score 4.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N).",Oracle,Peoplesoft Enterprise Hcm Human Resources,4.6,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2017-10304,https://securityvulnerability.io/vulnerability/CVE-2017-10304,,"Vulnerability in the PeopleSoft Enterprise HCM component of Oracle PeopleSoft Products (subcomponent: Security). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise HCM, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise HCM accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise HCM accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).",Oracle,Peoplesoft Enterprise Hcm Human Resources,5.4,MEDIUM,0.0008099999977275729,false,,false,false,false,,,false,false,,2017-10-19T17:00:00.000Z,0
CVE-2016-0407,https://securityvulnerability.io/vulnerability/CVE-2016-0407,,Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft Products 9.1 and 9.2 allows remote authenticated users to affect confidentiality via vectors related to Fusion HR Talent Integration.,Oracle,Peoplesoft Enterprise Human Capital Management Human Resources,6.5,MEDIUM,0.0010600000387057662,false,,false,false,false,,,false,false,,2016-04-21T10:00:00.000Z,0
CVE-2016-0537,https://securityvulnerability.io/vulnerability/CVE-2016-0537,,Unspecified vulnerability in the Oracle Human Resources component in Oracle E-Business Suite 11.5.10.2 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Person.,Oracle,Human Resources,,,0.0018100000452250242,false,,false,false,false,,,false,false,,2016-01-21T02:00:00.000Z,0