Lucene search
K

285 matches found

Rapid7 Blog
Rapid7 Blog
added 2026/06/12 1:43 p.m.10 views

Active Exploitation of Oracle PeopleSoft Zero-Day (CVE-2026-35273)

Overview On June 10, 2026, Oracle published a security alert for CVE-2026-35273, a critical vulnerability in the Updates Environment Management component of PeopleSoft Enterprise PeopleTools. Oracle released an out-of-band patch the same day as the advisory, underscoring the urgency of remediatio...

9.8CVSS6.9AI score0.9233EPSS
Exploits3
CISA
CISA
added 2026/06/12 12:0 p.m.10 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2026-35273link is external Oracle PeopleSoft Enterprise PeopleTools Missing Authentication for Critical Function Vulnerability This type of vulnerability is a...

9.8CVSS5.8AI score0.9233EPSS
In wildExploits3References7
RedhatCVE
RedhatCVE
added 2026/06/05 7:27 p.m.7 views

CVE-2026-22006

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Employee Snapshot. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise...

5.4CVSS7.3AI score0.00169EPSS
Exploits0References1
NVD
NVD
added 2026/01/20 10:15 p.m.21 views

CVE-2026-21951

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Integration Broker. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

6.1CVSS0.002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:16 a.m.7 views

CVE-2019-2915

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Fluid Core. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

6.1CVSS6.2AI score0.01168EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:16 a.m.7 views

CVE-2019-2599

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products subcomponent: Pagelet Wizard. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

6.5CVSS6.1AI score0.01348EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:15 a.m.7 views

CVE-2019-2748

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products subcomponent: Application Server. Supported versions that are affected are 8.55, 8.56 and 8.57. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to...

7.1CVSS6.1AI score0.00884EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:4 a.m.6 views

CVE-2011-0827

Unspecified vulnerability in the PeopleSoft Enterprise component in Oracle PeopleSoft Products 8.50 GA through 8.50.17 and 8.51 GA through 8.51.07 allows remote authenticated users to affect integrity via unknown vectors related to PeopleTools...

3.5CVSS5.7AI score0.00723EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:3 a.m.8 views

CVE-2011-0858

Unspecified vulnerability in Oracle PeopleSoft Enterprise HRMS 9.0 Bundle 15 and 9.1 Bundle 5 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Talent Acquisition Manager...

5.5CVSS5.6AI score0.00872EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:2 a.m.7 views

CVE-2011-0828

Unspecified vulnerability in Oracle PeopleSoft Enterprise 8.8 Bundle 13 allows remote attackers to affect integrity via unknown vectors related to Application Portal...

4.3CVSS6.2AI score0.01349EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/21 8:3 p.m.6 views

EUVD-2025-35273

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: PIA Core Technology. Supported versions that are affected are 8.60, 8.61 and 8.62. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft...

5.5CVSS4.6AI score0.00224EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-2742

Malware in sbrugna...

4CVSS6.4AI score0.01452EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2011-3491

Malware in sbrugna...

5.5CVSS6.4AI score0.01545EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2016-4468

Malware in sbrugna...

5.4CVSS6AI score0.01069EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2016-4447

Malware in sbrugna...

7.4CVSS7.7AI score0.01165EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2011-0839

Malware in sbrugna...

3.5CVSS6.3AI score0.00723EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2008-1829

Malware in sbrugna...

9CVSS6.2AI score0.02036EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2010-0112

Malware in sbrugna...

4.9CVSS6.3AI score0.01292EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2010-3520

Malware in sbrugna...

5.5CVSS6.3AI score0.01464EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2007-2126

Malware in sbrugna...

10CVSS6.4AI score0.03016EPSS
Exploits0References9
Rows per page
Query Builder