557 matches found
CVE-2026-57912
Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers...
CVE-2026-57912
Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers...
CVE-2026-57912
Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers...
CVE-2026-57912
This CVE concerns the Johnson & Johnson Campus Recruiting web application (pre-2025-10-31), where data provided by recruited students and notes entered by interviewers may be viewed by unauthorized parties. The vulnerability implies an exposure of personal/student data with no available details o...
EUVD-2026-39643
Johnson & Johnson Campus Recruiting before 2025-10-31 allows viewing of data provided by recruited students, and notes entered about students by interviewers...
CVE-2026-46979
Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft component: Integration and Interfaces. The supported version that is affected is 9.2.38. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to compromise...
CVE-2026-46851
Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft component: Security. The supported version that is affected is 9.2.38. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise CS...
PT-2026-50076
🚨 CVE-2026-46979 Vulnerability in the PeopleSoft Enterprise CS Campus Community product of Oracle PeopleSoft component: Integration and Interfaces. The supported version that is affected is 9.2.38. Easily exploitable vulnerability allows high privileged attacker with network access via HTTPS to...
PT-2026-49959
Name of the Vulnerable Software and Affected Versions PeopleSoft Enterprise CS Campus Community version 9.2.38 Description An issue in the Security component allows an unauthenticated attacker with network access via HTTP to compromise the system. Successful exploitation can result in a complete...
Chilling Effects
Younger Americans have soured on the second Donald Trump presidency, but they are not protesting it. Despite an unpopular Iran war and an even more unpopular Trump administration, college campus protests nationwide have gone silent. And at many schools, student activism is virtually nonexistent...
MAL-2026-3809 Malicious code in @tc-core/campus-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c58f691cfdb7301c271067776e2e3bc260d4cbb8880345d03e840729d849b580 The package @tc-core/campus-service was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in @tc-core/campus-service (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c58f691cfdb7301c271067776e2e3bc260d4cbb8880345d03e840729d849b580 The package @tc-core/campus-service was found to contain malicious code. Source: ossf-package-analysis...
CVE-2026-3111
Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/archivos/usuarios/ID/username/thumbAAxAA.jpg' translated as 80x90 and 40x45. Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the profile photos of...
CVE-2026-3110
Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/administracion/adminusuarios.cgi?filtroestado=T=listadoxlsx===altausuariocursoActual=ID' where the data of users enrolled in the course is exported. Successful exploitation of this vulnerability...
HackerOne, Mazda, Infinite Campus and Dutch Ministry Hit by Data Breaches
HackerOne, Mazda, Infinite Campus and the Dutch Ministry report data breaches, exposing employee and partner data across multiple sectors worldwide...
EUVD-2026-12378
Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/administracion/adminusuarios.cgi?filtroestado=T&wAccion=listadoxlsx&wBuscar=&wFiltrar=&wOrden=altausuario&widcursoActual=ID' where the data of users enrolled in the course is exported. Successfu...
CVE-2026-3111
Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/archivos/usuarios/ID/username/thumbAAxAA.jpg' translated as 80x90 and 40x45. Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the profile photos of...
CVE-2026-3110
Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/administracion/adminusuarios.cgi?filtroestado=T&wAccion=listadoxlsx&wBuscar=&wFiltrar=&wOrden=altausuario&widcursoActual=ID' where the data of users enrolled in the course is exported. Successfu...
CVE-2026-3111
Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/archivos/usuarios/ID/username/thumbAAxAA.jpg' translated as 80x90 and 40x45. Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the profile photos of...
CVE-2026-3111
CVE-2026-3111 affects Educativa Campus. An Insecure Direct Object Reference permits an unauthenticated attacker to access any user’s profile photo via the manipulated URL /archivos/usuarios/[ID]/[username]/thumb_AAxAA.jpg (80x90 and 40x45). The provided metrics state CVSS v4 base score 6.9 (Netwo...