1434 matches found
CVE-2025-30012
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific encoding format. The servlet will then decode this malicious request which will result in...
CVE-2025-30010
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to craft a malicious link, which when clicked by a victim, redirects the browser to a malicious site. On successfu...
CVE-2025-30011
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to send an malicious request to the application, which could disclose the internal version details of the affected...
CVE-2025-30009
he Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to execute malicious script in the victim�s browser. This vulnerability has low impact on confidentiality and...
CVE-2025-30009
he Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to execute malicious script in the victim�s browser. This vulnerability has low impact on confidentiality and...
CVE-2025-30010
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to craft a malicious link, which when clicked by a victim, redirects the browser to a malicious site. On successfu...
CVE-2025-30012 Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific encoding format. The servlet will then decode this malicious request which will result in...
CVE-2025-30012 Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific encoding format. The servlet will then decode this malicious request which will result in...
CVE-2025-30012
CVE-2025-30012 affects the SAP SRM Live Auction Cockpit component, where a deprecated Java applet enables an unauthenticated attacker to trigger deserialization of a crafted payload, leading to execution of arbitrary OS commands with SAP Administrator privileges. The cited impact is high on confi...
CVE-2025-30009 Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)
he Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to execute malicious script in the victim�s browser. This vulnerability has low impact on confidentiality and...
PT-2025-20808 · Sap · Sap Supplier Relationship Management
Name of the Vulnerable Software and Affected Versions: SAP Supplier Relationship Management SRM affected versions not specified Description: The issue concerns the Live Auction Cockpit in SAP Supplier Relationship Management SRM, which utilizes a deprecated Java applet component. This component...
SAP Supplier Relationship Management 输入验证错误漏洞
SAP supplier relationship management is a supplier relationship management software developed by SAP Germany. An input validation error vulnerability exists in SAP supplier relationship management, which stems from the use of a deprecated Java applet component that can be exploited by an attacker...
SAP Supplier Relationship Management 安全漏洞
SAP supplier relationship management is a supplier relationship management software developed by SAP Germany. An information disclosure vulnerability exists in SAP supplier relationship management, which stems from the use of a deprecated Java applet component, and can be exploited by an attacker...
SAP Supplier Relationship Management 跨站脚本漏洞
SAP supplier relationship management is a supplier relationship management software developed by SAP Germany. A cross-site scripting vulnerability exists in SAP supplier relationship management, which stems from the use of a deprecated Java applet component that can be exploited by an attacker to...
PT-2025-20805 · Sap · Sap Srm
Name of the Vulnerable Software and Affected Versions: SAP Supplier Relationship Management SRM affected versions not specified Description: The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated Java applet component, allowing an unauthenticated attacker to execut...
SAP Supplier Relationship Management 代码问题漏洞
SAP Supplier Relationship Management SRM is a supplier relationship management solution from SAP, Germany. The product automates purchasing and acquisition processes within an organization as well as between suppliers, and provides functions such as invoicing. A code issue vulnerability exists in...
PT-2025-20807 · Sap · Sap Srm
Name of the Vulnerable Software and Affected Versions: SAP Supplier Relationship Management SRM affected versions not specified Description: The issue concerns the use of a deprecated java applet component within the Live Auction Cockpit in SAP SRM. This allows an unauthenticated attacker to send...
PT-2025-20806 · Sap · Sap Srm
Name of the Vulnerable Software and Affected Versions: SAP Supplier Relationship Management SRM affected versions not specified Description: The issue concerns the use of a deprecated java applet component within the Live Auction Cockpit in SAP SRM. This allows an unauthenticated attacker to craf...
Security Bulletin:IBM TRIRIGA Application Platform may be be afftected by known vulnerabilities in db2jcc4.jar (CVE-2007-2582)
Summary IBM TRIRIGA Application may be vulnerable to mutiple buffer overflows in DB2 Vulnerability Details CVEID:CVE-2007-2582 DESCRIPTION: Multiple buffer overflows in the DB2 JDBC Applet Server DB2JDS service in IBM DB2 9.x and earlier allow remote attackers to 1 execute arbitrary code via a...
Linux Distros Unpatched Vulnerability : CVE-2023-49345
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Temporary data passed between application components by Budgie Extras Takeabreak applet could potentially be viewed or manipulated. The data is stored in a...