24 matches found
CVE-2026-46892
Vulnerability in the JD Edwards EnterpriseOne Human Resources Management product of Oracle JD Edwards component: Human Resources. The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards...
PT-2026-34058
Frappe HR is an open-source human resources management solution HRMS. Prior to versions 15.58.1 and 16.4.1, an authenticated user with default role can access unauthorized information by exploiting certain api endpoint. Versions 15.58.1 and 16.4.1 contain a patch. No known workarounds are availab...
CVE-2026-24037
Horilla is a free and open source Human Resource Management System HRMS. In version 1.4.0, the hasxss function attempts to block XSS by matching input against a set of regex patterns. However, the regexes are incomplete and context-agnostic, making them easy to bypass. Attackers are able to...
EUVD-2020-22747
Malware in sbrugna...
EUVD-2021-9533
Malicious code in bioql PyPI...
EUVD-2025-19802
Malicious code in bioql PyPI...
CVE-2025-10197 HJSoft HCM Human Resources Management System downlawbase sql injection
A vulnerability was found in HJSoft HCM Human Resources Management System up to 20250822. Affected by this vulnerability is an unknown functionality of the file /templates/attestation/../../selfservice/lawresource/downlawbase. Performing manipulation of the argument ID results in sql injection...
CVE-2025-10197
CVE-2025-10197 concerns HJSoft HCM Human Resources Management System (up to 20250822). The vulnerability is a SQL injection in an unknown functionality of the file path /templates/attestation/../../selfservice/lawresource/downlawbase, triggered by manipulating the ID argument. Remote exploitation...
PT-2025-36545
Name of the Vulnerable Software and Affected Versions: SAP HCM My Timesheet Fiori 2.0 application affected versions not specified Description: The SAP HCM My Timesheet Fiori 2.0 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of...
CVE-2021-22387
There is an Improper Control of Dynamically Managing Code Resources Vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may allow attempts to remotely execute commands...
CVE-2025-22054 arcnet: Add NULL check in com20020pci_probe()
In the Linux kernel, the following vulnerability has been resolved: arcnet: Add NULL check in com20020pciprobe devmkasprintf returns NULL when memory allocation fails. Currently, com20020pciprobe does not check for this case, which results in a NULL pointer dereference. Add NULL check after...
Human Resources Management System 1.0 SQL Injection Vulnerability
Exploit Title: Human Resources Management System - HRM - Multiple SQLi Exploit Author: Abdulhakim Öner Vendor Homepage: https://www.sourcecodester.com Software Link: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html Software...
[SECURITY] Fedora 37 Update: plasma-discover-5.27.1-2.fc37
KDE and Plasma resources management GUI...
CVE-2022-3497
A vulnerability was found in SourceCodester Human Resource Management System 1.0. It has been classified as problematic. Affected is an unknown function of the component Master List. The manipulation of the argument city/state/country/position leads to cross site scripting. It is possible to laun...
CVE-2022-3493
A vulnerability, which was classified as problematic, has been found in SourceCodester Human Resource Management System 1.0. This issue affects some unknown processing of the component Add Employee Handler. The manipulation of the argument First Name/Middle Name/Last Name leads to cross site...
Cisco IOS XE Wireless Controller software denial of service vulnerability
A denial of service vulnerability exists in Cisco IOS XE Wireless Controller Software, a wireless LAN controller from Cisco, which stems from a logical error in the handling of CAPWAP Mobility The vulnerability is caused by a logic error and mismanagement of resources when handling CAPWAP Mobilit...
SAP ERP HCM 安全漏洞
SAP ERP HCM is an enterprise human resource management solution from SAP, Germany. A security vulnerability exists in SAP ERP HCM that stems from the fact that SAP ERP HCM Portugal does not perform the necessary authorization checks on reports that read employee payroll data for a specific region...
Oracle E-Business Suite Unauthorized Access Vulnerability (CNVD-2021-57445)
Oracle E-Business Suite is an extension of the original Application ERP, including ERP Enterprise Resource Planning, HR Human Resource Management, CRM Customer Relationship Management, and so on, a collection of management software, is seamlessly integrated with a management suite. Oracle Human...
MintHCM Cross-Site Scripting Vulnerability
MINTHCM is a human resources management software developed by MINTHCM MintHCM A cross-site scripting vulnerability exists in version 3.0.8. The vulnerability stems from the Import feature that allows an attacker to perform cross-site scripting XSS loads in file uploads, which can be exploited by ...
[SECURITY] Fedora 34 Update: plasma-discover-5.21.3-1.fc34
KDE and Plasma resources management GUI...