Lucene search
K

1434 matches found

NVD
NVD
added 2025/05/13 1:15 a.m.38 views

CVE-2025-30012

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific encoding format. The servlet will then decode this malicious request which will result in...

10CVSS0.00702EPSS
Exploits0References2
NVD
NVD
added 2025/05/13 1:15 a.m.14 views

CVE-2025-30010

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to craft a malicious link, which when clicked by a victim, redirects the browser to a malicious site. On successfu...

6.1CVSS0.00261EPSS
Exploits0References2
OSV
OSV
added 2025/05/13 1:15 a.m.4 views

CVE-2025-30011

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to send an malicious request to the application, which could disclose the internal version details of the affected...

5.3CVSS5.8AI score0.00316EPSS
Exploits0References2
OSV
OSV
added 2025/05/13 1:15 a.m.6 views

CVE-2025-30009

he Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to execute malicious script in the victim�s browser. This vulnerability has low impact on confidentiality and...

6.1CVSS5.9AI score0.00255EPSS
Exploits0References2
NVD
NVD
added 2025/05/13 1:15 a.m.14 views

CVE-2025-30009

he Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to execute malicious script in the victim�s browser. This vulnerability has low impact on confidentiality and...

6.1CVSS0.00255EPSS
Exploits0References2
OSV
OSV
added 2025/05/13 1:15 a.m.5 views

CVE-2025-30010

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to craft a malicious link, which when clicked by a victim, redirects the browser to a malicious site. On successfu...

6.1CVSS5.8AI score0.00261EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/05/13 12:14 a.m.10 views

CVE-2025-30012 Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific encoding format. The servlet will then decode this malicious request which will result in...

10CVSS9.7AI score0.00702EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/13 12:14 a.m.20 views

CVE-2025-30012 Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific encoding format. The servlet will then decode this malicious request which will result in...

10CVSS0.00702EPSS
Exploits0References2
CVE
CVE
added 2025/05/13 12:14 a.m.74 views

CVE-2025-30012

CVE-2025-30012 affects the SAP SRM Live Auction Cockpit component, where a deprecated Java applet enables an unauthenticated attacker to trigger deserialization of a crafted payload, leading to execution of arbitrary OS commands with SAP Administrator privileges. The cited impact is high on confi...

10CVSS6.8AI score0.00702EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2025/05/13 12:12 a.m.18 views

CVE-2025-30009 Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)

he Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to execute malicious script in the victim�s browser. This vulnerability has low impact on confidentiality and...

6.1CVSS0.00255EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.8 views

PT-2025-20808 · Sap · Sap Supplier Relationship Management

Name of the Vulnerable Software and Affected Versions: SAP Supplier Relationship Management SRM affected versions not specified Description: The issue concerns the Live Auction Cockpit in SAP Supplier Relationship Management SRM, which utilizes a deprecated Java applet component. This component...

10CVSS9.2AI score0.00702EPSS
Exploits0References11
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.5 views

SAP Supplier Relationship Management 输入验证错误漏洞

SAP supplier relationship management is a supplier relationship management software developed by SAP Germany. An input validation error vulnerability exists in SAP supplier relationship management, which stems from the use of a deprecated Java applet component that can be exploited by an attacker...

6.1CVSS6.7AI score0.00261EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.5 views

SAP Supplier Relationship Management 安全漏洞

SAP supplier relationship management is a supplier relationship management software developed by SAP Germany. An information disclosure vulnerability exists in SAP supplier relationship management, which stems from the use of a deprecated Java applet component, and can be exploited by an attacker...

5.3CVSS6.2AI score0.00316EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.6 views

SAP Supplier Relationship Management 跨站脚本漏洞

SAP supplier relationship management is a supplier relationship management software developed by SAP Germany. A cross-site scripting vulnerability exists in SAP supplier relationship management, which stems from the use of a deprecated Java applet component that can be exploited by an attacker to...

6.1CVSS6.2AI score0.00255EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.8 views

PT-2025-20805 · Sap · Sap Srm

Name of the Vulnerable Software and Affected Versions: SAP Supplier Relationship Management SRM affected versions not specified Description: The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated Java applet component, allowing an unauthenticated attacker to execut...

6.1CVSS6.3AI score0.00255EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.6 views

SAP Supplier Relationship Management 代码问题漏洞

SAP Supplier Relationship Management SRM is a supplier relationship management solution from SAP, Germany. The product automates purchasing and acquisition processes within an organization as well as between suppliers, and provides functions such as invoicing. A code issue vulnerability exists in...

10CVSS9.3AI score0.00702EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.9 views

PT-2025-20807 · Sap · Sap Srm

Name of the Vulnerable Software and Affected Versions: SAP Supplier Relationship Management SRM affected versions not specified Description: The issue concerns the use of a deprecated java applet component within the Live Auction Cockpit in SAP SRM. This allows an unauthenticated attacker to send...

5.3CVSS6AI score0.00316EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.5 views

PT-2025-20806 · Sap · Sap Srm

Name of the Vulnerable Software and Affected Versions: SAP Supplier Relationship Management SRM affected versions not specified Description: The issue concerns the use of a deprecated java applet component within the Live Auction Cockpit in SAP SRM. This allows an unauthenticated attacker to craf...

6.1CVSS6AI score0.00261EPSS
Exploits0References4
IBM Security Bulletins
IBM Security Bulletins
added 2025/04/29 2:2 a.m.40 views

Security Bulletin:IBM TRIRIGA Application Platform may be be afftected by known vulnerabilities in db2jcc4.jar (CVE-2007-2582)

Summary IBM TRIRIGA Application may be vulnerable to mutiple buffer overflows in DB2 Vulnerability Details CVEID:CVE-2007-2582 DESCRIPTION: Multiple buffer overflows in the DB2 JDBC Applet Server DB2JDS service in IBM DB2 9.x and earlier allow remote attackers to 1 execute arbitrary code via a...

10CVSS9.5AI score0.26989EPSS
Exploits1Affected Software1
Tenable Nessus
Tenable Nessus
added 2025/03/05 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-49345

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Temporary data passed between application components by Budgie Extras Takeabreak applet could potentially be viewed or manipulated. The data is stored in a...

7.8CVSS7AI score0.00303EPSS
Exploits0References3
Rows per page
Query Builder