Oracle: >> Peoplesoft Enterprise Peopletools >> 8.54 Security Vulnerabilities
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 through 8.55 allows remote authenticated users to affect confidentiality and integrity via vectors related to the Activity Guide sub-component.
CVSS Score
5.4
EPSS Score
0.003
Published
2016-04-21
ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions.
CVSS Score
5.9
EPSS Score
0.182
Published
2016-02-15
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote authenticated users to affect confidentiality via unknown vectors related to File Processing.
CVSS Score
4.0
EPSS Score
0.003
Published
2016-01-21
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect integrity via vectors related to PIA Core Technology.
CVSS Score
3.5
EPSS Score
0.002
Published
2016-01-21
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.54 and 8.55 allows remote authenticated users to affect integrity via unknown vectors related to Fluid Core.
CVSS Score
3.5
EPSS Score
0.002
Published
2016-01-21
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote attackers to affect confidentiality via unknown vectors related to Multichannel Framework.
CVSS Score
4.3
EPSS Score
0.005
Published
2016-01-21
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53, 8.54, and 8.55 allows remote attackers to affect confidentiality via unknown vectors related to Portal.
CVSS Score
4.3
EPSS Score
0.005
Published
2016-01-21
Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft Products 8.53 and 8.54 allows remote authenticated users to affect confidentiality via unknown vectors related to Multichannel Framework, a different vulnerability than CVE-2015-2650.
CVSS Score
4.0
EPSS Score
0.003
Published
2016-01-21
The Bouncy Castle Java library before 1.51 does not validate a point is withing the elliptic curve, which makes it easier for remote attackers to obtain private keys via a series of crafted elliptic curve Diffie Hellman (ECDH) key exchanges, aka an "invalid curve attack."
CVSS Score
5.0
EPSS Score
0.007
Published
2015-11-09
Page 8