cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-21286,https://securityvulnerability.io/vulnerability/CVE-2024-21286,Unauthorized Access to Sensitive Data in PeopleSoft ELM,"A vulnerability exists in the PeopleSoft Enterprise ELM product from Oracle, specifically affecting version 9.2. This security issue allows an attacker with low privileges and network access via HTTP to potentially compromise the Enterprise Learning Management system. Although the exploit requires human interaction from another person, the implications extend beyond the immediate product, possibly affecting additional systems. Successful exploitation could lead to unauthorized access, allowing the attacker to update, insert, or delete data and gain unauthorized read access to certain datasets within PeopleSoft Enterprise ELM. Organizations relying on this software need to take proactive measures to mitigate risks associated with this vulnerability.",Oracle,Peoplesoft Enterprise Elm Enterprise Learning Management,5.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-10-15T19:53:03.774Z,0
CVE-2023-21852,https://securityvulnerability.io/vulnerability/CVE-2023-21852,Unauthenticated Access Vulnerability in Oracle Learning Management by Oracle,"An unauthenticated access vulnerability exists within Oracle Learning Management, a component of Oracle E-Business Suite. This flaw allows an attacker with network access via HTTP to manipulate critical data. After exploiting this weakness, unauthorized users can create, delete, or modify sensitive data accessible within the Oracle Learning Management system. Affected versions include those ranging from 12.2.3 through 12.2.12, all of which are susceptible to this significant risk.",Oracle,Learning Management,7.5,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-01-18T00:15:00.000Z,0
CVE-2020-2880,https://securityvulnerability.io/vulnerability/CVE-2020-2880,Unauthorized Access Vulnerability in Oracle Learning Management by Oracle,"A vulnerability exists in Oracle Learning Management of Oracle E-Business Suite that allows an unauthenticated attacker with network access via HTTP to gain unauthorized access to sensitive data. Successful exploitation of this vulnerability, which requires human interaction from a user other than the attacker, can lead to potential unauthorized updates, inserts, or deletion of data within Oracle Learning Management. This weakness can not only compromise the integrity and confidentiality of the system but may also impact connected systems significantly.",Oracle,Learning Management,8.2,HIGH,0.0019199999514967203,false,,false,false,false,,,false,false,,2020-04-15T13:29:50.000Z,0
CVE-2019-2707,https://securityvulnerability.io/vulnerability/CVE-2019-2707,Vulnerability in Oracle PeopleSoft Enterprise Learning Management Component,"A vulnerability exists in the PeopleSoft Enterprise ELM component of Oracle PeopleSoft Products, specifically affecting the application search feature. This flaw could be exploited by an unauthenticated attacker with network access via HTTP, potentially compromising sensitive data within the system. While the primary focus is on PeopleSoft Enterprise ELM, the impacts could extend to other related products. Successful exploitation can lead to unauthorized updates, insertions, deletions, and read access to accessible data, posing significant risks to the integrity and confidentiality of information handled by the system.",Oracle,Peoplesoft Enterprise Elm Enterprise Learning Management,6.1,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2019-04-23T18:16:45.000Z,0
CVE-2019-2700,https://securityvulnerability.io/vulnerability/CVE-2019-2700,Vulnerability in PeopleSoft Enterprise ELM Component by Oracle,"A vulnerability exists in the PeopleSoft Enterprise ELM component of Oracle PeopleSoft Products, specifically in version 9.2. This issue allows an attacker with low privileges and network access via HTTP to exploit the Enterprise Learning Management system. Successful exploitation can lead to unauthorized modifications, including updates, insertions, or deletions of accessible data within the PeopleSoft Enterprise ELM framework.",Oracle,Peoplesoft Enterprise Elm Enterprise Learning Management,4.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2019-04-23T18:16:44.000Z,0