AZL-61673 CVE-2024-58134 affecting package perl-Mojolicious 8.57-3

Mojolicious versions from 0.999922 for Perl uses a hard coded string, or the application's class name, as an HMAC session cookie secret by default. These predictable default secrets can be exploited by an attacker to forge session cookies. An attacker who knows or guesses the secret could compute...

AZL-43936 CVE-2020-36829 affecting package perl-Mojolicious 8.57-3

The Mojolicious module before 8.65 for Perl is vulnerable to securecompare timing attacks that allow an attacker to guess the length of a secret string. Only versions after 1.74 are affected...

AZL-45273 CVE-2021-47208 affecting package perl-Mojolicious 8.57-3

The Mojolicious module before 9.11 for Perl has a bug in format detection that can potentially be exploited for denial of service...

CVE-2022-21369

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Rich Text Editor. Supported versions that are affected are 8.57, 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

CVE-2022-21364

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Weblogic. Supported versions that are affected are 8.57, 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

Oracle PeopleSoft Products 安全漏洞

Oracle PeopleSoft Enterprise PeopleTools provides a comprehensive set of development tools to support the development and runtime of PeopleSoft applications.Oracle PeopleSoft Enterprise PeopleTools versions 8.57, 8.58, 8.59 A security vulnerability exists in the SQR component. An attacker could u...

Oracle PeopleSoft Enterprise PeopleTools 安全漏洞

Oracle PeopleSoft Enterprise PeopleTools provides a comprehensive set of development tools that support the development and runtime of PeopleSoft applications. A security vulnerability exists in the Multichannel Framework component in Oracle PeopleSoft Enterprise PeopleTools versions 8.56, 8.57,...

Unspecified Vulnerability in Oracle PeopleSoft Enterprise PeopleTools (CNVD-2020-59224)

Oracle PeopleSoft Enterprise PeopleTools provides a comprehensive set of development tools that support the development and runtime of PeopleSoft applications. A security vulnerability exists in the Query component in Oracle PeopleSoft Enterprise PeopleTools 8.56, 8.57, and 8.58. An attacker coul...

Code injection

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: PIA Core Technology. Supported versions that are affected are 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

Oracle PeopleSoft Enterprise PeopleTools Unauthorized Access Vulnerability (CNVD-2020-23830)

Oracle PeopleSoft Products is a suite of enterprise human capital management solutions from Oracle Corporation. The products provide human capital management, financial management, supplier relationship management, etc. PeopleSoft Enterprise PeopleTools is one of the tools and technology platform...

CVE-2020-2868

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Diagnostic Framework. Supported versions that are affected are 8.56, 8.57 and 8.58. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft...

Oracle PeopleSoft Enterprise PeopleTools Unauthorized Access Vulnerability (CNVD-2020-05103)

Oracle PeopleSoft Enterprise PeopleTools provides a comprehensive set of development tools that support the development and runtime of PeopleSoft applications. A security vulnerability exists in the PIA Core Technology component in Oracle PeopleSoft Enterprise PeopleTools 8.56, 8.57. An attacker...

CVE-2020-2687

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Elastic Search. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2019-2985

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Fluid Core. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2019-2929

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Portal. Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise...

CVE-2019-2772

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: Activity Guide. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

CVE-2019-2748

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products subcomponent: Application Server. Supported versions that are affected are 8.55, 8.56 and 8.57. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2019-2594

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products subcomponent: Application Server. Supported versions that are affected are 8.55, 8.56 and 8.57. Difficult to exploit vulnerability allows low privileged attacker with network access via HTTP to...

CVE-2019-2598

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: SQR. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft...

CVE-2019-2443

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: XML Publisher. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise...