29 matches found
WordPress Hr Press Lite plugin <= 1.0.2 - Missing Authorization to Authenticated (Subscriber+) Sensitive Employee Information Exposure vulnerability
Missing Authorization to Authenticated (Subscriber+) Sensitive Employee Information Exposure vulnerability discovered by WordFence in WordPress Plugin Hr Press Lite versions <= 1.0.2...
EUVD-2020-19341
Malware in sbrugna...
EUVD-2025-4093
Malicious code in bioql PyPI...
CVE-2025-43008
Due to missing authorization check, an unauthorized user can view the files of other company. This might lead to disclosure of personal data of employees. There is no impact on integrity and availability...
CVE-2025-25241
Due to a missing authorization check, an attacker who is logged in to application can view/delete "My Overtime Requests" which could allow the attacker to access employee information. This leads to low impact on confidentiality, integrity of the application. There is no impact on availability...
CVE-2025-25241
CVE-2025-25241 affects SAP Fiori Apps Reference Library (My Overtime Requests). The root cause is a missing authorization check, permitting a logged-in attacker to view or delete My Overtime Requests and potentially access employee information. The described impact is low for confidentiality and ...
CVE-2025-25241 Missing Authorization check in SAP Fiori Apps Reference Library (My Overtime Requests)
Due to a missing authorization check, an attacker who is logged in to application can view/delete "My Overtime Requests" which could allow the attacker to access employee information. This leads to low impact on confidentiality, integrity of the application. There is no impact on availability...
PT-2025-6135 · Sap · Sap Fiori Apps Reference Library
Name of the Vulnerable Software and Affected Versions: SAP Fiori Apps Reference Library My Overtime Requests affected versions not specified Description: The issue is caused by a missing authorization check, allowing an attacker who is logged in to the application to view or delete 'My Overtime...
Health Care hospital Management System SQL Injection Vulnerability
Health Care hospital Management System is an open source health care hospital management system from Code-Projects. A SQL injection vulnerability exists in Health Care hospital Management System v1.0, which originated from a vulnerability that allows an attacker to execute arbitrary web script or...
Dolibarr vulnerable to unauthenticated database access
An issue in Dolibarr v16.0.0 to v16.0.5 allows unauthenticated attackers to perform a database dump and access a company's entire customer file, prospects, suppliers, and employee information if a contact file exists...
CVE-2023-33568
An issue in Dolibarr 16 before 16.0.5 allows unauthenticated attackers to perform a database dump and access a company's entire customer file, prospects, suppliers, and employee information if a contact file exists...
Maternal & Family Health Services discloses ransomware attack months after discovery
Maternal & Family Health Services (MFHS), a nonprofit healthcare giant based in Pennsylvania, said in an advisory and press release that it has suffered a ransomware attack which led to the potential exposure of sensitive data of patients, employees, and vendors. That data includes names, addresses...
Telstra Telecom Suffers Data Breach Potentially Exposing Employee Information
Australia's largest telecommunications company Telstra disclosed that it was the victim of a data breach through a third-party, nearly two weeks after Optus reported a breach of its own. "There has been no breach of Telstra's systems," Narelle Devine, the company's chief information security...
US branch of Israeli defense contractor Elbit hit by data breach
By Waqas According to the breach notification, 369 Elbit Systems employees got their information stolen by the attackers. This is a post from HackRead.com Read the original post: US branch of Israeli defense contractor Elbit hit by data breach...
Nortek Linear eMerge E3-Series Credential Disclosure
Exploit Title: Nortek Linear eMerge E3-Series - Information Disclosure lead to access admin dashboard Exploit Author: Omar Hashim Version: 0.32-07p,0.32-07e,0.32-07p,0.32-08f,0.32-09c Vendor home page : https://www.nortekcontrol.com/access-control/ Vendor home page : https://linear-solutions.com/...
Hackers Who Broke Into NVIDIA's Network Leak DLSS Source Code Online
American chipmaking company NVIDIA on Tuesday confirmed that its network was breached as a result of a cyber attack, enabling the perpetrators to gain access to sensitive data, including source code purportedly associated with its Deep Learning Super Sampling (DLSS) technology. "We have no evidence...
CVE-2020-26805
In Sentrifugo 3.2, admin can edit employee's information via this endpoint -- /sentrifugo/index.php/empadditionaldetails/edit/userid/2. In this POST request, "employeeNumId" parameter is affected by SQLi vulnerability. Attacker can inject SQL commands into query, read data from database or write...