cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2025-21545,https://securityvulnerability.io/vulnerability/CVE-2025-21545,Remote Denial of Service Vulnerability in Oracle PeopleSoft Enterprise PeopleTools,"An exploitable vulnerability exists in the OpenSearch component of Oracle PeopleSoft Enterprise PeopleTools, affecting versions 8.60 and 8.61. This flaw enables unauthenticated attackers to gain network access via HTTP, potentially leading to a denial of service. Attackers can leverage this vulnerability to disrupt service, causing frequent crashes or system hangs without any authentication requirement.",Oracle,Peoplesoft Enterprise Peopletools,7.5,HIGH,0.01,false,false,false,false,false,false,false,2025-01-21T20:53:14.338Z,0
CVE-2025-21530,https://securityvulnerability.io/vulnerability/CVE-2025-21530,Unauthorized Access Vulnerability in Oracle PeopleSoft Enterprise PeopleTools,An exploitable vulnerability exists in Oracle's PeopleSoft Enterprise PeopleTools that may allow a low-privileged attacker with network access via HTTP to gain unauthorized read access to sensitive data. Affected versions include 8.60 and 8.61. Mitigating this vulnerability is essential to protect access-controlled information from unauthorized visibility.,Oracle,Peoplesoft Enterprise Peopletools,4.3,MEDIUM,0.01,false,false,false,false,false,false,false,2025-01-21T20:53:08.312Z,0
CVE-2024-21255,https://securityvulnerability.io/vulnerability/CVE-2024-21255,PeopleSoft Enterprise PeopleTools Vulnerability,"This vulnerability in the PeopleSoft Enterprise PeopleTools software, specifically within the XMLPublisher component, presents a significant risk to users. It allows attackers with low privileges, who can access the network via HTTP, to exploit the system. Successful exploitation can lead to the complete takeover of the PeopleSoft Enterprise PeopleTools application, jeopardizing the confidentiality, integrity, and availability of sensitive data processed within the system. Supported versions affected by this vulnerability include 8.59, 8.60, and 8.61. Organizations using these versions should prioritize applying patches and mitigating exposure to protect their systems.",Oracle,Peoplesoft Enterprise Peopletools,8.8,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2024-10-15T19:52:52.972Z,0
CVE-2024-21214,https://securityvulnerability.io/vulnerability/CVE-2024-21214,Query Vulnerability in Oracle PeopleSoft Enterprise PeopleTools,"A vulnerability exists in the Oracle PeopleSoft Enterprise PeopleTools product, specifically within the Query component. This vulnerability is present in supported versions 8.59, 8.60, and 8.61 and can be easily exploited by a low privileged attacker with network access via HTTP. Exploitation may lead to unauthorized creation, deletion, or modification of critical data. Additionally, attackers could gain unauthorized access to all data accessible within PeopleSoft Enterprise PeopleTools, raising serious concerns regarding confidentiality and integrity of sensitive information.",Oracle,Peoplesoft Enterprise Peopletools,8.1,HIGH,0.0004799999878741801,false,false,false,false,,false,false,2024-10-15T19:52:42.872Z,0
CVE-2024-21202,https://securityvulnerability.io/vulnerability/CVE-2024-21202,Vulnerability in Oracle PeopleSoft Enterprise PeopleTools Affects Multiple Versions,"The vulnerability in Oracle PeopleSoft Enterprise PeopleTools allows unauthenticated attackers with access via HTTP to exploit the system. It affects the supported versions 8.59, 8.60, and 8.61. Exploitation requires human interaction from another individual, enabling unauthorized access, modifications, or deletions of data within PeopleSoft. Additionally, attackers may gain unauthorized read access to some data. This vulnerability implies that even while it specifically resides within PeopleSoft Enterprise PeopleTools, the implications could extend to other associated products, highlighting the need for immediate patching and security measures.",Oracle,Peoplesoft Enterprise Peopletools,6.1,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-10-15T19:52:38.756Z,0
CVE-2024-21178,https://securityvulnerability.io/vulnerability/CVE-2024-21178,Unauthorized Access to Data in PeopleSoft Enterprise PeopleTools Could Occur via HTTP,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal).  Supported versions that are affected are 8.59, 8.60 and  8.61. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as  unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Peoplesoft Enterprise Pt Peopletools,6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-07-16T23:15:00.000Z,0
CVE-2024-21180,https://securityvulnerability.io/vulnerability/CVE-2024-21180,Vulnerability in PeopleSoft Enterprise PeopleTools Could Lead to Unauthorized Data Access,"A vulnerability exists within the OpenSearch Dashboards component of Oracle's PeopleSoft Enterprise PeopleTools. It affects versions 8.59, 8.60, and 8.61 and can be exploited by low-privileged attackers who have network access via HTTP. This exploitation requires human interaction from someone other than the attacker and can lead to unauthorized read access to certain data within PeopleSoft Enterprise PeopleTools. The implications of this vulnerability extend beyond PeopleTools, potentially affecting other products as the scope may change. Organizations utilizing Oracle PeopleSoft should assess their systems to mitigate the risks associated with this vulnerability.",Oracle,Peoplesoft Enterprise Pt Peopletools,4.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-07-16T23:15:00.000Z,0
CVE-2024-21158,https://securityvulnerability.io/vulnerability/CVE-2024-21158,Vulnerability in PeopleSoft Enterprise PeopleTools Could Lead to Data Access,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal).  Supported versions that are affected are 8.59, 8.60 and  8.61. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools.  While the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as  unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N).",Oracle PeopleSoft,Peoplesoft Enterprise Peopletools,6.4,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-07-16T23:15:00.000Z,0
CVE-2024-21097,https://securityvulnerability.io/vulnerability/CVE-2024-21097,Security Flaw in Oracle PeopleSoft Enterprise Tools Affecting Multiple Versions,"A security vulnerability has been identified in Oracle's PeopleSoft Enterprise PeopleTools affecting the Security component. This flaw allows attackers with high privileges and network access via HTTP to potentially compromise the affected systems. Notably, versions 8.59, 8.60, and 8.61 are susceptible to exploitation. Successful exploitation could result in unauthorized access to sensitive data, posing a significant risk to organizational data integrity. It is imperative for users of these affected versions to implement security patches and follow best practices to mitigate any risks associated with this vulnerability. For detailed information, please refer to the official Oracle advisory.",Oracle,Peoplesoft Enterprise Peopletools,4.9,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21070,https://securityvulnerability.io/vulnerability/CVE-2024-21070,Vulnerability in Oracle PeopleSoft Enterprise PeopleTools Search Framework,"An improper authentication vulnerability exists in the PeopleSoft Enterprise PeopleTools product, specifically within its Search Framework component. This flaw can be exploited by unauthenticated attackers with network access via HTTP. Although the exploitation requires human interaction from a user other than the attacker, successful exploitation could lead to unauthorized modifications, including updates, inserts, or deletions of accessible data. Additionally, this vulnerability may enable unauthorized read access to specific subsets of data within the PeopleSoft system, posing significant risks to data confidentiality and integrity.",Oracle,Peoplesoft Enterprise Peopletools,5.4,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2023-22080,https://securityvulnerability.io/vulnerability/CVE-2023-22080,,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology).  Supported versions that are affected are 8.59 and  8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as  unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Peoplesoft Enterprise Pt Peopletools,6.1,MEDIUM,0.0006099999882280827,false,false,false,false,,false,false,2023-10-17T22:15:00.000Z,0
CVE-2023-22047,https://securityvulnerability.io/vulnerability/CVE-2023-22047,Unauthenticated Access Vulnerability in Oracle PeopleSoft Enterprise PeopleTools,"A vulnerability exists in Oracle's PeopleSoft Enterprise PeopleTools, specifically within the Portal component. This flaw can be exploited by an unauthenticated attacker with network access via HTTP, potentially leading to unauthorized access to sensitive data. Attackers can exploit this vulnerability in versions 8.59 and 8.60 of PeopleSoft Enterprise PeopleTools, thereby compromising the security integrity of the application and allowing for extensive unauthorized access to critical data resources.",Oracle,Peoplesoft Enterprise Pt Peopletools,7.5,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2023-07-18T21:15:00.000Z,0
CVE-2023-22014,https://securityvulnerability.io/vulnerability/CVE-2023-22014,Unauthorized Access Vulnerability in Oracle PeopleSoft Enterprise PeopleTools Portal,"A vulnerability exists within Oracle PeopleSoft Enterprise PeopleTools Portal that could allow an unauthenticated attacker with access to the infrastructure to exploit this weakness. Successful exploitation may lead to a complete compromise of the PeopleTools environment, enabling the attacker to gain unauthorized control. Affected versions include 8.59 and 8.60, emphasizing the need for immediate investigation and remediation to protect sensitive data and ensure system integrity.",Oracle,Peoplesoft Enterprise Pt Peopletools,8.4,HIGH,0.0006099999882280827,false,false,false,false,,false,false,2023-07-18T21:15:00.000Z,0
CVE-2023-21981,https://securityvulnerability.io/vulnerability/CVE-2023-21981,,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search).  Supported versions that are affected are 8.58, 8.59 and  8.60. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).",Oracle,Peoplesoft Enterprise Pt Peopletools,4.9,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2023-04-18T20:15:00.000Z,0
CVE-2023-21916,https://securityvulnerability.io/vulnerability/CVE-2023-21916,,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Web Server).  Supported versions that are affected are 8.58, 8.59 and  8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",Oracle,Peoplesoft Enterprise Pt Peopletools,5.3,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2023-04-18T20:15:00.000Z,0
CVE-2023-21845,https://securityvulnerability.io/vulnerability/CVE-2023-21845,,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Panel Processor).   The supported version that is affected is 8.60. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools.  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as  unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N).",Oracle,PeopleSoft Enterprise PT PeopleTools,5.4,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2023-01-18T00:15:00.000Z,0
CVE-2023-21844,https://securityvulnerability.io/vulnerability/CVE-2023-21844,,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search).  Supported versions that are affected are 8.59 and  8.60. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as  unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).",Oracle,PeopleSoft Enterprise PT PeopleTools,5.4,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2023-01-18T00:15:00.000Z,0
CVE-2022-21602,https://securityvulnerability.io/vulnerability/CVE-2022-21602,,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",Oracle,Peoplesoft Enterprise Pt Peopletools,5.3,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2022-10-18T00:00:00.000Z,0
CVE-2022-21639,https://securityvulnerability.io/vulnerability/CVE-2022-21639,,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search Integration). Supported versions that are affected are 8.59 and 8.60. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Peoplesoft Enterprise Pt Peopletools,6.1,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2022-10-18T00:00:00.000Z,0
CVE-2022-39407,https://securityvulnerability.io/vulnerability/CVE-2022-39407,,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Security). Supported versions that are affected are 8.58, 8.59 and 8.60. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where PeopleSoft Enterprise PeopleTools executes to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).",Oracle,Peoplesoft Enterprise Pt Peopletools,5.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2022-10-18T00:00:00.000Z,0
CVE-2022-21543,https://securityvulnerability.io/vulnerability/CVE-2022-21543,,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Mgmt). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).",Oracle,Peoplesoft Enterprise Pt Peopletools,9.8,CRITICAL,0.00044999999227002263,false,false,false,false,,false,false,2022-07-19T21:07:34.000Z,0
CVE-2022-21521,https://securityvulnerability.io/vulnerability/CVE-2022-21521,,Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: XML Publisher). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).,Oracle,Peoplesoft Enterprise Pt Peopletools,4.9,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2022-07-19T21:07:00.000Z,0
CVE-2022-21520,https://securityvulnerability.io/vulnerability/CVE-2022-21520,,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Fluid Core). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Peoplesoft Enterprise Pt Peopletools,6.1,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2022-07-19T21:06:58.000Z,0
CVE-2022-21512,https://securityvulnerability.io/vulnerability/CVE-2022-21512,,Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Integration Broker). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where PeopleSoft Enterprise PeopleTools executes to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).,Oracle,Peoplesoft Enterprise Pt Peopletools,4.4,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2022-07-19T21:06:46.000Z,0
CVE-2022-21470,https://securityvulnerability.io/vulnerability/CVE-2022-21470,,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Process Scheduler). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Peoplesoft Enterprise Pt Peopletools,6.1,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2022-04-19T20:38:11.000Z,0