Lucene search
K

33 matches found

Rapid7 Blog
Rapid7 Blog
added 2026/06/12 1:43 p.m.10 views

Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)

Overview On June 10, 2026, Oracle published a security alert for CVE-2026-35273, a critical vulnerability in the Updates Environment Management component of PeopleSoft Enterprise PeopleTools. Oracle released an out-of-band patch the same day as the advisory, underscoring the urgency of remediatio...

9.8CVSS6.9AI score0.9233EPSS
Exploits3
GithubExploit
GithubExploit
added 2026/06/12 9:19 a.m.146 views

Exploit for CVE-2026-35273

🚨 CVE-2026-35273 - Oracle PeopleSoft PeopleTools Unauthenticat...

9.8CVSS6.3AI score0.9233EPSS
Exploits3
NVD
NVD
added 2026/06/11 4:16 a.m.22 views

CVE-2026-35273

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Updates Environment Management. Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

9.8CVSS0.9233EPSS
Exploits3References2
CVE
CVE
added 2026/06/11 2:25 a.m.1177 views

CVE-2026-35273

CVE-2026-35273 is a remote, unauthenticated RCE in Oracle PeopleSoft Enterprise PeopleTools Updates Environment Management (PSEMHUB) affecting PeopleTools 8.61 and 8.62. Vendor advisories describe the flaw as a high-severity, network-exposed vulnerability with CVSS v3.1 score 9.8. Exploitation ha...

9.8CVSS5.5AI score0.9233EPSS
In wildExploits3References2Affected Software1
EUVD
EUVD
added 2026/06/11 2:25 a.m.42 views

EUVD-2026-36199

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Updates Environment Management. Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

9.8CVSS5.5AI score0.9233EPSS
Exploits3References1
CNNVD
CNNVD
added 2026/06/11 12:0 a.m.16 views

Oracle PeopleSoft Enterprise PeopleTools 访问控制错误漏洞

Oracle PeopleSoft Enterprise PeopleTools is a technology provided by Oracle Corporation for use with PeopleSoft applications, ensuring that it remains aligned with user needs and expectations. Versions 8.61 and 8.62 of Oracle PeopleSoft Enterprise PeopleTools contain access control vulnerabilitie...

9.8CVSS5.8AI score0.9233EPSS
Exploits3References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2017-2011

Malware in sbrugna...

8.1CVSS8.2AI score0.01952EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-6700

Malware in sbrugna...

4CVSS5.8AI score0.00858EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-0432

Malware in sbrugna...

5CVSS6.1AI score0.02053EPSS
Exploits0References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2014-0433

Malware in sbrugna...

5CVSS6.1AI score0.02053EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2025/07/09 12:0 a.m.6 views

The vulnerability of the software platform for managing execution environments of Apache CloudStack, related to insufficient protection of operational data, allows attackers to compromise the confidentiality and integrity of the protected information.

The vulnerability of the software platform that manages virtual machine environments in Apache CloudStack is related to insufficient protection of operational data. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality and integrity of the protected...

8.5CVSS5.8AI score0.00596EPSS
Exploits0References3Affected Software1
Citrix
Citrix
added 2025/03/24 12:0 a.m.12 views

Unable to login to WEM Web Console

When Login to Workspace Environment Management Web Console get the message "The user name or password is incorrect. Try again."...

7.2AI score
Exploits0
Citrix
Citrix
added 2024/07/14 12:0 a.m.6 views

Citrix Virtual Apps and Desktop Profile Management (UPM, WEM)

Citrix Profile Management Introduction Profile Management is intended as a profile solution for Citrix Virtual Apps servers, virtual desktops created with Citrix Virtual Desktops, and physical desktops. You install Profile Management on each computer whose profiles you want to manage. Active...

6.6AI score
Exploits0
Citrix
Citrix
added 2023/11/17 12:0 a.m.13 views

There is no LTSR version of WEM

This article describes whether there is Long Term Service Release LTSR version of Workspace Environment Management WEM...

7.1AI score
Exploits0
Citrix
Citrix
added 2023/04/21 12:0 a.m.6 views

Unable to import GPO into Workspace Environment Management service - Invalid Zip file

When trying to import a GPO into WEM console in Citrix Cloud Web console, users get an error stating "Invalid ZIP file. Replace your file and try again"...

6.9AI score
Exploits0
Citrix
Citrix
added 2023/03/20 12:0 a.m.8 views

How to specify command line parameters when distributing a WEM application

To deploy applications via Workspace Environment management with additional command line parameters...

7.3AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/08/18 12:0 a.m.5 views

The vulnerability of the Updates Environment Mgmt component of the Oracle PeopleSoft Enterprise PeopleTools business application allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the Updates Environment Mgmt component in the Oracle PeopleSoft Enterprise PeopleTools business application exists due to insufficient validation of input data. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of...

10CVSS7.7AI score0.0132EPSS
Exploits0References3Affected Software1
Citrix
Citrix
added 2022/05/26 12:0 a.m.10 views

How to Add process Management black/White list on WEM

...

7.2AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/08/14 12:0 a.m.3 views

The vulnerability of the Environment Mgmt Console component in the Oracle PeopleSoft Enterprise PeopleTools business application suite, due to insufficient input data validation, allows attackers to modify, add, or delete data, or cause system downtime or service failures.

The vulnerability of the Security component of the Oracle Unified Directory application for simplified deployment in the Oracle Fusion Middleware software is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to modify, add, or delete data...

8.1CVSS7.7AI score0.01022EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2020/08/12 12:0 a.m.2 views

The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, related to access control deficiencies, allows attackers to increase their privileges.

The vulnerability of the CloudForms Management Engine, a software platform for managing virtual environments, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker operating remotely to increase their privileges...

8.4CVSS7.4AI score0.01EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder