4 matches found

RedhatCVE
added 2026/01/23 6:19 a.m., 7 views

CVE-2026-24035

Horilla is a free and open source Human Resource Management System (HRMS). An Improper Access Control vulnerability exists in Horilla HR Software starting in version 1.4.0 and prior to version 1.5.0, allowing any authenticated employee to upload documents on behalf of another employee without prope...

CVSS 4.3, AI score 5.6, EPSS 0.00289
Exploits: 1, References: 1
Vulnrichment
added 2025/08/14 4:35 a.m., 2 views

CVE-2025-0309 Netskope Client Local Elevation of Privileges

An insufficient validation on the server connection endpoint in Netskope Client allows local users to elevate privileges on the system. The insufficient validation allows Netskope Client to connect to any other server with Public Signed CA TLS certificates and send specially crafted responses to...

CVSS 6, AI score 6.9, EPSS 0.00173
Exploits: 1, References: 2
CVE
added 2025/08/14 4:35 a.m., 41 views

CVE-2025-0309

CVE-2025-0309 describes a local privilege escalation in Netskope Client for Windows due to insufficient validation on the server connection endpoint. An attacker-controlled server using publicly signed TLS certificates can cause the client to send specially crafted responses, enabling privilege e...

CVSS 6, AI score 6.9, EPSS 0.00173
Exploits: 1, References: 2
BDU FSTEC
added 2025/01/03 12:0 a.m., 3 views

The vulnerability of the Collaboration Portal component of the SAP Transportation Management system allows a hacker to execute an SSRF attack.

The vulnerability of the Collaboration Portal component of the SAP Transportation Management system is related to insufficient validation of requests on the server side. Exploiting this vulnerability allows a malicious actor to execute an SSRF attack remotely...

CVSS 5, AI score 5.6, EPSS 0.00353
Exploits: 0, References: 3