Lucene search
K

4 matches found

Cvelist
Cvelist
added yesterday17 views

CVE-2026-22660 FlaskBB Logic Flaw Authorization Group Deletion via Bulk AJAX Endpoint

FlaskBB through 2.2.0, fixed in commit a5da9a5, contains a logic flaw vulnerability that allows authenticated administrators to delete all built-in authorization groups by exploiting a type mismatch in the bulk delete protection check. The bulk AJAX endpoint in the management views compares...

8.6CVSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/09/09 2:10 a.m.3 views

CVE-2025-42929 Missing input validation vulnerability in SAP Landscape Transformation Replication Server

Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization group. This leads to a high impact on integrity and availability of the database...

8.1CVSS6.4AI score0.00216EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/09/09 2:7 a.m.5 views

CVE-2025-42916 Missing input validation vulnerability in SAP S/4HANA (Private Cloud or On-Premise)

Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization group. This leads to a high impact on integrity and availability of the database but no impact on...

8.1CVSS6.4AI score0.00249EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.8 views

PT-2025-36549

Name of the Vulnerable Software and Affected Versions: SAP ABAP Reports affected versions not specified Description: Due to missing input validation in ABAP reports, an attacker with high privilege access could delete the content of arbitrary database tables if the tables are not protected by an...

8.1CVSS6.1AI score0.00249EPSS
Exploits0References8
Rows per page
Query Builder