CVE-2026-21789

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios...

CVE-2026-21789 HCL Connections is vulnerable to broken access control

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios...

HCL Connections 安全漏洞

HCL Connections is a corporate collaboration platform developed by the Indian company HCL. There is a security vulnerability in HCL Connections, which stems from ineffective access control. This vulnerability may allow unauthorized users to update data in certain scenarios...

BIT-JAVA-MIN-2024-21094

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; Oracl...

EUVD-2026-24403

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft component: Workflow. Supported versions that are affected are 8.61-8.62. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools...

PT-2026-34126

Vulnerability in the Oracle Workflow product of Oracle E-Business Suite component: Workflow Loader. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Workflow. While the...

CVE-2026-32300

Connect-CMS is a content management system. In versions on the 1.x series up to and including 1.41.0 and versions on the 2.x series up to and including 2.41.0, an improper authorization issue in the My Page profile update feature may allow modification of arbitrary user information. Versions 1.41...

CVE-2026-2941 Linksy Search and Replace <= 1.0.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Database Update via linksy_search_and_replace_item_details

The Linksy Search and Replace plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'linksysearchandreplaceitemdetails' function in all versions up to, and including, 1.0.4. This makes it possible for authenticated attackers, with...

CVE-2025-31961

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios...

CVE-2025-31961

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios...

CVE-2025-31961

Technical details about CVE-2025-31961 are not publicly available in the provided documents. Monitor for updates; no confirmed affected products/versions, exploit details, or fixes are disclosed here.

CVE-2025-31961 HCL Connections is vulnerable to broken access control

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios...

CVE-2021-2147

Vulnerability in the Oracle ZFS Storage Appliance Kit product of Oracle Systems component: Installation. The supported version that is affected is 8.8. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle ZFS Storage Appliance Kit execut...

CVE-2024-42188

HCL Connections is vulnerable to a broken access control vulnerability that may allow an unauthorized user to update data in certain scenarios...

CLSA-2024-1730920734 java-1.8.0-openjdk: Fix of 4 CVEs

Upgrade to shenandoah-jdk8u432-b06 fixing the following CVEs: - CVE-2024-21208: unauthorized partial DoS vulnerability - CVE-2024-21210: unauthorized update, insert, or delete access to some of data - CVE-2024-21217: unauthorized partial DoS vulnerability - CVE-2024-21235: unauthorized update,...

CVE-2023-37541

HCL Connections contains a broken access control vulnerability that may allow unauthorized user to update data in certain scenarios...

HCL Technologies HCL Connections Security Breach

HCL Technologies HCL Connections is a suite of enterprise collaboration platforms from HCL Technologies, USA. A security vulnerability exists in HCL Connections that stems from allowing unauthorized users to update data under certain circumstances...

CVE-2024-3748 SP Project & Document Manager <= 4.71 - Data Update via IDOR

The SP Project & Document Manager WordPress plugin through 4.71 is missing validation in its upload function, allowing a user to manipulate the userid to make it appear that a file was uploaded by another user...

CVE-2023-21992

Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Administer Workforce. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft...

SUSE CVE-2018-2812

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...