341 matches found
Dolibarr ERP/CRM Authenticated Code Injection
Dolibarr ERP/CRM before 17.0.1 allows remote code execution by an authenticated user who has access to the Website module. The application filters lowercase use exploit/unix/http/dolibarrcmsrcecve202330253 msf exploitdolibarrcmsrcecve202330253 show targets ...targets... msf...
EUVD-2026-24358
Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Job Profile Manager. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft...
CVE-2026-34297
Vulnerability in the Oracle HCM Common Architecture product of Oracle E-Business Suite component: Knowledge Integration. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HCM...
Oracle PeopleSoft Enterprise HCM Absence 安全漏洞
Oracle PeopleSoft Enterprise HCM Absence is a workforce absence and leave management system developed by Oracle Corporation. Version 9.2 of Oracle PeopleSoft Enterprise HCM Absence contains a security vulnerability. This vulnerability stems from issues with the Absence Management component, which...
PT-2026-34104
Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft component: Job Profile Manager. The supported version that is affected is 9.2. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise PeopleSoft...
PT-2026-34121
Name of the Vulnerable Software and Affected Versions Oracle HCM Common Architecture versions 12.2.3 through 12.2.15 Description An issue in the Knowledge Integration component of Oracle E-Business Suite allows an unauthenticated attacker with network access via HTTP to compromise Oracle HCM Comm...
Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks
A "novel" social engineering campaign has been observed abusing Obsidian, a cross-platform note-taking application, as an initial access vector to distribute a previously undocumented Windows remote access trojan called PHANTOMPULSE in attacks targeting individuals in the financial and...
Vulnerabilities fixed in SAP products
SAP has fixed vulnerabilities in several SAP products, including SAP Supplier Relationship Management, SAP BusinessObjects Business Intelligence Platform, SAP NetWeaver Application Server Java and ABAP, SAP Landscape Transformation, SAP Business Planning and Consolidation, SAP Business Warehouse,...
CVE-2026-34264 Information Disclosure vulnerability in SAP Human Capital Management for SAP S/4HANA
During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to this, an authenticated user with low privileges could guess and enumerate the content shown, beyond their authorized scope. This leads to disclosure of sensitive information...
CVE-2026-34264 Information Disclosure vulnerability in SAP Human Capital Management for SAP S/4HANA
During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to this, an authenticated user with low privileges could guess and enumerate the content shown, beyond their authorized scope. This leads to disclosure of sensitive information...
EUVD-2026-22174
During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to this, an authenticated user with low privileges could guess and enumerate the content shown, beyond their authorized scope. This leads to disclosure of sensitive information...
CVE-2026-34264
During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to this, an authenticated user with low privileges could guess and enumerate the content shown, beyond their authorized scope. This leads to disclosure of sensitive information...
PT-2026-32570
During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to this, an authenticated user with low privileges could guess and enumerate the content shown, beyond their authorized scope. This leads to disclosure of sensitive information...
SAP Human Capital Management 安全漏洞
SAP Human Capital Management is a corporate human resources management and employee lifecycle management system developed by the German company SAP. There is a security vulnerability in SAP Human Capital Management. This vulnerability stems from specific messages returned by the system during...
CVE-2026-27687
Due to missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal, a user with high privileges could access sensitive data belonging to another company. This vulnerability has a high impact on confidentiality and does not affect integrity and availability...
EUVD-2026-10460
Due to missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal, a user with high privileges could access sensitive data belonging to another company. This vulnerability has a high impact on confidentiality and does not affect integrity and availability...
EUVD-2026-10461
Due to missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal, a user with high privileges could access sensitive data belonging to another company. This vulnerability has a high impact on confidentiality and does not affect integrity and availability...
CVE-2026-27687
Due to missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal, a user with high privileges could access sensitive data belonging to another company. This vulnerability has a high impact on confidentiality and does not affect integrity and availability...
CVE-2026-27687 Missing Authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal
Due to missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal, a user with high privileges could access sensitive data belonging to another company. This vulnerability has a high impact on confidentiality and does not affect integrity and availability...
SAP S/4HANA HCM Portugal和SAP ERP HCM Portugal 安全漏洞
SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal are both human capital management modules developed by the German company SAP. Both systems have security vulnerabilities; these vulnerabilities stem from the lack of authorization checks, which may allow users with high privileges to access...