266 matches found
EUVD-2025-27226
Malicious code in bioql PyPI...
EUVD-2022-3753
Malicious code in bioql PyPI...
CVE-2025-59056
FreePBX is an open-source web-based graphical user interface. In FreePBX 15, 16, and 17, malicious connections to the Administrator Control Panel web interface can cause the uninstall function to be triggered for certain modules. This function drops the module's database tables, which is where mo...
CVE-2025-59056
FreePBX is an open-source web-based graphical user interface. In FreePBX 15, 16, and 17, malicious connections to the Administrator Control Panel web interface can cause the uninstall function to be triggered for certain modules. This function drops the module's database tables, which is where mo...
PT-2025-37764
Name of the Vulnerable Software and Affected Versions: FreePBX versions 15.0.0 through 15.0.37 FreePBX versions 16.0.0 through 16.0.40 FreePBX versions 17.0.0 through 17.0.20 Description: FreePBX is a web-based graphical user interface. Malicious connections to the Administrator Control Panel web...
CVE-2025-42929
Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization group. This leads to a high impact on integrity and availability of the database...
CVE-2025-42929 Missing input validation vulnerability in SAP Landscape Transformation Replication Server
Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization group. This leads to a high impact on integrity and availability of the database...
PT-2025-36558
Name of the Vulnerable Software and Affected Versions: SAP ABAP affected versions not specified Description: The issue involves a missing input validation in ABAP reports. An attacker with high privilege access could delete the content of arbitrary database tables not protected by an authorizatio...
PT-2025-36549
Name of the Vulnerable Software and Affected Versions: SAP ABAP Reports affected versions not specified Description: Due to missing input validation in ABAP reports, an attacker with high privilege access could delete the content of arbitrary database tables if the tables are not protected by an...
TYPO3 11.0.0 < 11.5.48 ELTS / 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-023)
The version of TYPO3 installed on the remote host is 11.0.0 prior to 11.5.48 ELTS / 12.0.0 prior to 12.4.37 / 13.0.0 prior to 13.4.18. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2025-023 advisory. - Missing authorization checks in the CSV download feature of...
CVE-2025-42949
Due to a missing authorization check in the ABAP Platform, an authenticated user with elevated privileges could bypass authorization restrictions for common transactions by leveraging the SQL Console. This could enable an attacker to access and read the contents of database tables without proper...
CVE-2025-42949
CVE-2025-42949 : A missing authorization check in the ABAP Platform could allow an authenticated user with elevated privileges to bypass authorization for common transactions via the SQL Console and read database table contents, exposing data confidentiality. The impact is limited to confidential...
PT-2025-32609 · Sap · Abap Platform
Name of the Vulnerable Software and Affected Versions: ABAP Platform affected versions not specified Description: A missing authorization check in the ABAP Platform allows an authenticated user with elevated privileges to bypass authorization restrictions for common transactions using the SQL...
CVE-2025-42952
SAP Business Warehouse and SAP Plug-In Basis allows an authenticated attacker to add fields to arbitrary SAP database tables and/or structures, potentially rendering the system unusable. On successful exploitation, an attacker can render the system unusable by triggering short dumps on login. Thi...
CVE-2025-42961 Missing Authorization check in SAP NetWeaver Application Server for ABAP
Due to a missing authorization check in SAP NetWeaver Application server for ABAP, an authenticated user with high privileges could exploit the insufficient validation of user permissions to access sensitive database tables. By leveraging overly permissive access configurations, unauthorized...
CVE-2025-42952
CVE-2025-42952 affects SAP Business Warehouse and SAP Plug-In Basis. An authenticated attacker can add fields to arbitrary SAP database tables/structures, potentially rendering the system unusable by triggering short dumps on login. Availability impact is High; no read/change/delete of data is in...
SAP NetWeaver Application Server ABAP 安全漏洞
SAP NetWeaver Application Server ABAP is a platform for running and developing applications based on the ABAP language from SAP, Germany. A security vulnerability exists in SAP NetWeaver Application Server ABAP that stems from a lack of authorization checking, which could allow an overprivileged...
SAP Business Warehouse和SAP Plug-In Basis 安全漏洞
SAP Business Warehouse and SAP Plug-In Basis are both products of SAP, Germany.SAP Business Warehouse is a key component for executing business processes that allows users to design, implement, and manage business processes, ensure process compliance, and reduce the need for manual operations...
SAP Business Warehouse和SAP Plug-In Basis 安全漏洞
SAP Business Warehouse and SAP Plug-In Basis are both products of SAP, Germany.SAP Business Warehouse is a key component for executing business processes that allows users to design, implement, and manage business processes, ensure process compliance, and reduce the need for manual operations...
PT-2025-23236
Name of the Vulnerable Software and Affected Versions Lovable versions prior to 2025-04-15 Description An insufficient database Row-Level Security RLS policy allows remote unauthenticated attackers to read or write to arbitrary database tables of generated sites. Row-Level Security is a database...