cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-21545,https://securityvulnerability.io/vulnerability/CVE-2025-21545,Remote Denial of Service Vulnerability in Oracle PeopleSoft Enterprise PeopleTools,"An exploitable vulnerability exists in the OpenSearch component of Oracle PeopleSoft Enterprise PeopleTools, affecting versions 8.60 and 8.61. This flaw enables unauthenticated attackers to gain network access via HTTP, potentially leading to a denial of service. Attackers can leverage this vulnerability to disrupt service, causing frequent crashes or system hangs without any authentication requirement.",Oracle,Peoplesoft Enterprise Peopletools,7.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T20:53:14.338Z,0
CVE-2025-21530,https://securityvulnerability.io/vulnerability/CVE-2025-21530,Unauthorized Access Vulnerability in Oracle PeopleSoft Enterprise PeopleTools,An exploitable vulnerability exists in Oracle's PeopleSoft Enterprise PeopleTools that may allow a low-privileged attacker with network access via HTTP to gain unauthorized read access to sensitive data. Affected versions include 8.60 and 8.61. Mitigating this vulnerability is essential to protect access-controlled information from unauthorized visibility.,Oracle,Peoplesoft Enterprise Peopletools,4.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T20:53:08.312Z,0
CVE-2024-21255,https://securityvulnerability.io/vulnerability/CVE-2024-21255,PeopleSoft Enterprise PeopleTools Vulnerability,"This vulnerability in the PeopleSoft Enterprise PeopleTools software, specifically within the XMLPublisher component, presents a significant risk to users. It allows attackers with low privileges, who can access the network via HTTP, to exploit the system. Successful exploitation can lead to the complete takeover of the PeopleSoft Enterprise PeopleTools application, jeopardizing the confidentiality, integrity, and availability of sensitive data processed within the system. Supported versions affected by this vulnerability include 8.59, 8.60, and 8.61. Organizations using these versions should prioritize applying patches and mitigating exposure to protect their systems.",Oracle,Peoplesoft Enterprise Peopletools,8.8,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2024-10-15T19:52:52.972Z,0
CVE-2024-21214,https://securityvulnerability.io/vulnerability/CVE-2024-21214,Query Vulnerability in Oracle PeopleSoft Enterprise PeopleTools,"A vulnerability exists in the Oracle PeopleSoft Enterprise PeopleTools product, specifically within the Query component. This vulnerability is present in supported versions 8.59, 8.60, and 8.61 and can be easily exploited by a low privileged attacker with network access via HTTP. Exploitation may lead to unauthorized creation, deletion, or modification of critical data. Additionally, attackers could gain unauthorized access to all data accessible within PeopleSoft Enterprise PeopleTools, raising serious concerns regarding confidentiality and integrity of sensitive information.",Oracle,Peoplesoft Enterprise Peopletools,8.1,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2024-10-15T19:52:42.872Z,0
CVE-2024-21202,https://securityvulnerability.io/vulnerability/CVE-2024-21202,Vulnerability in Oracle PeopleSoft Enterprise PeopleTools Affects Multiple Versions,"The vulnerability in Oracle PeopleSoft Enterprise PeopleTools allows unauthenticated attackers with access via HTTP to exploit the system. It affects the supported versions 8.59, 8.60, and 8.61. Exploitation requires human interaction from another individual, enabling unauthorized access, modifications, or deletions of data within PeopleSoft. Additionally, attackers may gain unauthorized read access to some data. This vulnerability implies that even while it specifically resides within PeopleSoft Enterprise PeopleTools, the implications could extend to other associated products, highlighting the need for immediate patching and security measures.",Oracle,Peoplesoft Enterprise Peopletools,6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-10-15T19:52:38.756Z,0
CVE-2024-21178,https://securityvulnerability.io/vulnerability/CVE-2024-21178,Unauthorized Access to Data in PeopleSoft Enterprise PeopleTools Could Occur via HTTP,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal).  Supported versions that are affected are 8.59, 8.60 and  8.61. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as  unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N).",Oracle,Peoplesoft Enterprise Pt Peopletools,6.1,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-16T23:15:00.000Z,0
CVE-2024-21158,https://securityvulnerability.io/vulnerability/CVE-2024-21158,Vulnerability in PeopleSoft Enterprise PeopleTools Could Lead to Data Access,"Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal).  Supported versions that are affected are 8.59, 8.60 and  8.61. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools.  While the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as  unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N).",Oracle PeopleSoft,Peoplesoft Enterprise Peopletools,6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2024-07-16T23:15:00.000Z,0
CVE-2024-21180,https://securityvulnerability.io/vulnerability/CVE-2024-21180,Vulnerability in PeopleSoft Enterprise PeopleTools Could Lead to Unauthorized Data Access,"A vulnerability exists within the OpenSearch Dashboards component of Oracle's PeopleSoft Enterprise PeopleTools. It affects versions 8.59, 8.60, and 8.61 and can be exploited by low-privileged attackers who have network access via HTTP. This exploitation requires human interaction from someone other than the attacker and can lead to unauthorized read access to certain data within PeopleSoft Enterprise PeopleTools. The implications of this vulnerability extend beyond PeopleTools, potentially affecting other products as the scope may change. Organizations utilizing Oracle PeopleSoft should assess their systems to mitigate the risks associated with this vulnerability.",Oracle,Peoplesoft Enterprise Pt Peopletools,4.1,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-16T23:15:00.000Z,0
CVE-2024-21097,https://securityvulnerability.io/vulnerability/CVE-2024-21097,Security Flaw in Oracle PeopleSoft Enterprise Tools Affecting Multiple Versions,"A security vulnerability has been identified in Oracle's PeopleSoft Enterprise PeopleTools affecting the Security component. This flaw allows attackers with high privileges and network access via HTTP to potentially compromise the affected systems. Notably, versions 8.59, 8.60, and 8.61 are susceptible to exploitation. Successful exploitation could result in unauthorized access to sensitive data, posing a significant risk to organizational data integrity. It is imperative for users of these affected versions to implement security patches and follow best practices to mitigate any risks associated with this vulnerability. For detailed information, please refer to the official Oracle advisory.",Oracle,Peoplesoft Enterprise Peopletools,4.9,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2024-21070,https://securityvulnerability.io/vulnerability/CVE-2024-21070,Vulnerability in Oracle PeopleSoft Enterprise PeopleTools Search Framework,"An improper authentication vulnerability exists in the PeopleSoft Enterprise PeopleTools product, specifically within its Search Framework component. This flaw can be exploited by unauthenticated attackers with network access via HTTP. Although the exploitation requires human interaction from a user other than the attacker, successful exploitation could lead to unauthorized modifications, including updates, inserts, or deletions of accessible data. Additionally, this vulnerability may enable unauthorized read access to specific subsets of data within the PeopleSoft system, posing significant risks to data confidentiality and integrity.",Oracle,Peoplesoft Enterprise Peopletools,5.4,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2023-22080,https://securityvulnerability.io/vulnerability/CVE-2023-22080,Vulnerability in PeopleSoft Enterprise PeopleTools by Oracle,"This vulnerability in Oracle's PeopleSoft Enterprise PeopleTools component, specifically affecting versions 8.59 and 8.60, allows unauthenticated attackers to compromise the system via HTTP. Exploitation requires human interaction from a third-party user, potentially leading to unauthorized data modifications such as updates, inserts, or deletions, as well as read access to sensitive information within PeopleSoft. The implications may extend beyond the core product, affecting various interlinked systems and increasing the overall risk to organizational data security.",Oracle,Peoplesoft Enterprise Pt Peopletools,6.1,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2023-10-17T22:15:00.000Z,0
CVE-2023-22047,https://securityvulnerability.io/vulnerability/CVE-2023-22047,Unauthenticated Access Vulnerability in Oracle PeopleSoft Enterprise PeopleTools,"A vulnerability exists in Oracle's PeopleSoft Enterprise PeopleTools, specifically within the Portal component. This flaw can be exploited by an unauthenticated attacker with network access via HTTP, potentially leading to unauthorized access to sensitive data. Attackers can exploit this vulnerability in versions 8.59 and 8.60 of PeopleSoft Enterprise PeopleTools, thereby compromising the security integrity of the application and allowing for extensive unauthorized access to critical data resources.",Oracle,Peoplesoft Enterprise Pt Peopletools,7.5,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-07-18T21:15:00.000Z,0
CVE-2023-22014,https://securityvulnerability.io/vulnerability/CVE-2023-22014,Unauthorized Access Vulnerability in Oracle PeopleSoft Enterprise PeopleTools Portal,"A vulnerability exists within Oracle PeopleSoft Enterprise PeopleTools Portal that could allow an unauthenticated attacker with access to the infrastructure to exploit this weakness. Successful exploitation may lead to a complete compromise of the PeopleTools environment, enabling the attacker to gain unauthorized control. Affected versions include 8.59 and 8.60, emphasizing the need for immediate investigation and remediation to protect sensitive data and ensure system integrity.",Oracle,Peoplesoft Enterprise Pt Peopletools,8.4,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-07-18T21:15:00.000Z,0
CVE-2023-21981,https://securityvulnerability.io/vulnerability/CVE-2023-21981,Vulnerability in Elastic Search Component of PeopleSoft Enterprise by Oracle,"A vulnerability exists in the Elastic Search component of the Oracle PeopleSoft Enterprise PeopleTools product. This flaw can be exploited easily by a high-privileged attacker with network access via HTTP, leading to unauthorized access to sensitive data. Affected versions include 8.58, 8.59, and 8.60. Successful exploitation may allow attackers to access critical data or potentially gain complete access to all data accessible within the PeopleSoft Enterprise environment.",Oracle,Peoplesoft Enterprise Pt Peopletools,4.9,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2023-21916,https://securityvulnerability.io/vulnerability/CVE-2023-21916,Exploitable Vulnerability in Oracle PeopleSoft Enterprise PeopleTools Web Server,"A security vulnerability exists in the Web Server component of Oracle's PeopleSoft Enterprise PeopleTools. This flaw allows an unauthenticated attacker with network access via HTTP to potentially compromise systems running unsupported versions 8.58, 8.59, and 8.60. Successful exploitation could lead to unauthorized read access to sensitive subsets of data, highlighting a critical need for organizations using these versions to review their configurations and enhance security measures to protect against potential intrusions.",Oracle,Peoplesoft Enterprise Pt Peopletools,5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2023-21845,https://securityvulnerability.io/vulnerability/CVE-2023-21845,Vulnerability in Oracle PeopleSoft Enterprise PeopleTools Panel Processor,"A security flaw exists within Oracle's PeopleSoft Enterprise PeopleTools, specifically affecting the Panel Processor component. This vulnerability makes it possible for low-privileged attackers to exploit network access via HTTP, leading to potential unauthorized actions such as updating, inserting, or deleting data. Additionally, attackers may gain unauthorized read access to certain data within PeopleSoft Enterprise PeopleTools, raising significant concerns about data confidentiality and integrity. Affected users should apply necessary security measures promptly.",Oracle,PeopleSoft Enterprise PT PeopleTools,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2023-01-18T00:15:00.000Z,0
CVE-2023-21844,https://securityvulnerability.io/vulnerability/CVE-2023-21844,Vulnerability in PeopleSoft Enterprise PeopleTools by Oracle affecting Elastic Search,"A vulnerability exists in Oracle's PeopleSoft Enterprise PeopleTools, specifically within the Elastic Search component. This weakness allows low-privileged attackers, with network access via HTTP, to compromise the affected system. Successful exploitation may lead to unauthorized update, insert, or delete operations on accessible data, as well as the unauthorized reading of certain data. The attack process necessitates interaction from a user, thus increasing the complexity of exploitation. This flaw potentially impacts not only PeopleTools but can also affect other connected products, as it changes the scope of a security breach.",Oracle,PeopleSoft Enterprise PT PeopleTools,5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2023-01-18T00:15:00.000Z,0
CVE-2022-39407,https://securityvulnerability.io/vulnerability/CVE-2022-39407,Security Flaw in Oracle PeopleSoft Enterprise PeopleTools,"A vulnerability exists in Oracle's PeopleSoft Enterprise PeopleTools that could allow attackers with low privileges to gain unauthorized access to sensitive data. This issue affects supported versions 8.58, 8.59, and 8.60. If exploited, an attacker could compromise the application and potentially access all data within PeopleSoft Enterprise PeopleTools, posing significant risks to data integrity and confidentiality.",Oracle,Peoplesoft Enterprise Pt Peopletools,5.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-10-18T00:00:00.000Z,0
CVE-2022-21602,https://securityvulnerability.io/vulnerability/CVE-2022-21602,Portal Vulnerability in Oracle PeopleSoft Enterprise PeopleTools,"This vulnerability in Oracle's PeopleSoft Enterprise PeopleTools pertains to its Portal component. It allows unauthenticated attackers with network access via HTTP to gain unauthorized read access to sensitive data within the system. The affected versions, 8.58, 8.59, and 8.60, could potentially allow malicious users to compromise the integrity of PeopleSoft services. Organizations using these versions should prioritize updating their systems to safeguard sensitive information from unauthorized access.",Oracle,Peoplesoft Enterprise Pt Peopletools,5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-10-18T00:00:00.000Z,0
CVE-2022-21639,https://securityvulnerability.io/vulnerability/CVE-2022-21639,Unauthenticated Remote Code Execution in Oracle PeopleSoft Enterprise PeopleTools,"An unauthenticated vulnerability exists in Oracle's PeopleSoft Enterprise PeopleTools, specifically within the Elastic Search Integration component, that allows attackers with network access to exploit the system. Affected versions 8.59 and 8.60 permit unauthorized actions including updates, inserts, and deletions of accessible data, as well as unauthorized reading of certain data. Successful exploitation necessitates human interaction from a user other than the attacker, allowing for potential extensive impacts on additional interconnected products. Organizations are encouraged to review their configurations and apply necessary patches to mitigate risks associated with this vulnerability.",Oracle,Peoplesoft Enterprise Pt Peopletools,6.1,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-10-18T00:00:00.000Z,0
CVE-2022-21543,https://securityvulnerability.io/vulnerability/CVE-2022-21543,Unauthenticated Access Vulnerability in Oracle PeopleSoft Enterprise PeopleTools,"This vulnerability in Oracle People's PeopleTools enables unauthenticated attackers to gain access to the system through an HTTP network connection. Affected versions include PeopleSoft Enterprise PeopleTools 8.58 and 8.59. By exploiting this security flaw, an attacker can execute unauthorized operations, which may lead to a complete takeover of the PeopleSoft environment. Organizations using these versions should assess their systems for this vulnerability to prevent potential compromises.",Oracle,Peoplesoft Enterprise Pt Peopletools,9.8,CRITICAL,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:07:34.000Z,0
CVE-2022-21521,https://securityvulnerability.io/vulnerability/CVE-2022-21521,Unauthorized Access Vulnerability in Oracle PeopleSoft Enterprise PeopleTools,Oracle PeopleSoft Enterprise PeopleTools contains a vulnerability in the XML Publisher component that can be exploited by high privileged attackers with network access via HTTP. This flaw could lead to unauthorized access to sensitive information or full access to all data managed by PeopleSoft Enterprise PeopleTools. The exploitation of this vulnerability could significantly compromise the confidentiality of user data and system integrity.,Oracle,Peoplesoft Enterprise Pt Peopletools,4.9,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:07:00.000Z,0
CVE-2022-21520,https://securityvulnerability.io/vulnerability/CVE-2022-21520,Unauthenticated Network Vulnerability in Oracle PeopleSoft Enterprise PeopleTools,"A security concern exists within Oracle's PeopleSoft Enterprise PeopleTools, specifically in the Fluid Core component. The vulnerability permits an unauthenticated attacker with network access via HTTP to potentially compromise the system. Exploitation of this flaw necessitates human interaction from another individual, potentially broadening the attack's effect on various interconnected products. Successful exploitation can lead to unauthorized modifications, including the ability to update, insert, or delete data within PeopleSoft Enterprise PeopleTools, as well as unauthorized access to certain data. This highlights a significant risk to the confidentiality and integrity of accessible data.",Oracle,Peoplesoft Enterprise Pt Peopletools,6.1,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:06:58.000Z,0
CVE-2022-21512,https://securityvulnerability.io/vulnerability/CVE-2022-21512,Integration Broker Vulnerability in PeopleSoft Enterprise Tools by Oracle,"A vulnerability has been identified in the Integration Broker component of Oracle's PeopleSoft Enterprise PeopleTools. This issue affects the supported versions 8.58 and 8.59, allowing attackers with privileged access to exploit the system. A successful attack can grant unauthorized access to sensitive data, possibly leading to a complete compromise of all accessible data within the PeopleSoft environment. Organizations using these versions should assess their security posture to prevent potential exploitation.",Oracle,Peoplesoft Enterprise Pt Peopletools,4.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-07-19T21:06:46.000Z,0
CVE-2022-21470,https://securityvulnerability.io/vulnerability/CVE-2022-21470,Unauthenticated Access Vulnerability in PeopleSoft Enterprise PeopleTools by Oracle,"The vulnerability in Oracle's PeopleSoft Enterprise PeopleTools allows unauthenticated attackers to gain access via HTTP, leading to unauthorized modifications and access to sensitive data. This vulnerability requires interaction from a legitimate user to be executed, making it particularly dangerous as it can extend its impact to other interconnected systems. It poses a risk of unauthorized data updates, inserts, and deletions, affecting the integrity and confidentiality of the data managed by PeopleSoft.",Oracle,Peoplesoft Enterprise Pt Peopletools,6.1,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-04-19T20:38:11.000Z,0