Jdedwards Enterpriseone vulnerabilities

CVE-2020-1967 [HIGH] CWE-476 CVE-2020-1967: Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 han Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer. This could be exploited by

CVE-2008-5455 [MEDIUM] CVE-2008-5455: Unspecified vulnerability in the PeopleSoft Enterprise HRMS - ePerformance component in Oracle Peopl Unspecified vulnerability in the PeopleSoft Enterprise HRMS - ePerformance component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

CVE-2008-5452 [MEDIUM] CVE-2008-5452: Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Enterpris Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9.18 allows remote authenticated users to affect confidentiality and integrity via unknown vectors.

CVE-2008-5451 [MEDIUM] CVE-2008-5451: Unspecified vulnerability in the JD Edwards Tools component in Oracle PeopleSoft Enterprise and JD E Unspecified vulnerability in the JD Edwards Tools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.5 allows remote authenticated users to affect confidentiality via unknown vectors.

CVE-2008-4000 [MEDIUM] CVE-2008-4000: Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edward Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.48.18 and 8.49.14 allows remote attackers to affect confidentiality and integrity via unknown vectors. NOTE: the previous information was obtained from the Oracle October 2008 CPU. Oracle has not commented on reliable researcher claims that th

CVE-2008-4004 [LOW] CVE-2008-4004: Unspecified vulnerability in the JDE EnterpriseOne Business Service Server component in Oracle Peopl Unspecified vulnerability in the JDE EnterpriseOne Business Service Server component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.97.2.2 and 8.98.0.1 allows local users to affect confidentiality and integrity via unknown vectors.

CVE-2008-1828 [CRITICAL] CVE-2008-1828: Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise an Unspecified vulnerability in the PeopleSoft PeopleTools component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.22.19, 8.48.16, and 8.49.09 has unknown impact and remote authenticated attack vectors, aka PSE01.

CVE-2008-1830 [CRITICAL] CVE-2008-1830: Unspecified vulnerability in the PeopleSoft HCM ePerformance component in Oracle PeopleSoft Enterpri Unspecified vulnerability in the PeopleSoft HCM ePerformance component in Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne 8.9 and 9.0 has unknown impact and remote attack vectors, aka PSE03.