2 matches found
CVE-2026-40866 Horilla: Unauthorized Document Overwrite via File Upload Endpoint
Horilla is a free and open source Human Resource Management System HRMS. In 1.5.0, an insecure direct object reference in the employee document upload endpoint allows any authenticated user to overwrite or replace or corrupt another employee’s document by changing the document ID in the upload...
SUSE SLED15 / SLES15 Security Update : libreoffice (SUSE-SU-2019:2003-1)
This update for libreoffice fixes the following issues : LibreOffice was updated to 6.2.5.2 fate327121. Security issue fixed : CVE-2018-16858: LibreOffice was vulnerable to a directory traversal attack which could be used to execute arbitrary macros bundled with a document. An attacker could craf...