Lucene search
K

266 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27226

Malicious code in bioql PyPI...

5.3CVSS6.3AI score0.00214EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-3753

Malicious code in bioql PyPI...

5.4CVSS7.4AI score0.01593EPSS
Exploits0References18
NVD
NVD
added 2025/09/15 9:15 p.m.7 views

CVE-2025-59056

FreePBX is an open-source web-based graphical user interface. In FreePBX 15, 16, and 17, malicious connections to the Administrator Control Panel web interface can cause the uninstall function to be triggered for certain modules. This function drops the module's database tables, which is where mo...

8.7CVSS0.00434EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/09/15 9:4 p.m.3 views

CVE-2025-59056

FreePBX is an open-source web-based graphical user interface. In FreePBX 15, 16, and 17, malicious connections to the Administrator Control Panel web interface can cause the uninstall function to be triggered for certain modules. This function drops the module's database tables, which is where mo...

8.7CVSS5.5AI score0.00434EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/15 12:0 a.m.5 views

PT-2025-37764

Name of the Vulnerable Software and Affected Versions: FreePBX versions 15.0.0 through 15.0.37 FreePBX versions 16.0.0 through 16.0.40 FreePBX versions 17.0.0 through 17.0.20 Description: FreePBX is a web-based graphical user interface. Malicious connections to the Administrator Control Panel web...

8.7CVSS6.5AI score0.00434EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/09/11 3:19 a.m.8 views

CVE-2025-42929

Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization group. This leads to a high impact on integrity and availability of the database...

8.1CVSS6.8AI score0.00216EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/09 2:10 a.m.11 views

CVE-2025-42929 Missing input validation vulnerability in SAP Landscape Transformation Replication Server

Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization group. This leads to a high impact on integrity and availability of the database...

8.1CVSS0.00216EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.6 views

PT-2025-36558

Name of the Vulnerable Software and Affected Versions: SAP ABAP affected versions not specified Description: The issue involves a missing input validation in ABAP reports. An attacker with high privilege access could delete the content of arbitrary database tables not protected by an authorizatio...

8.1CVSS5.9AI score0.00216EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2025/09/09 12:0 a.m.8 views

PT-2025-36549

Name of the Vulnerable Software and Affected Versions: SAP ABAP Reports affected versions not specified Description: Due to missing input validation in ABAP reports, an attacker with high privilege access could delete the content of arbitrary database tables if the tables are not protected by an...

8.1CVSS6.1AI score0.00249EPSS
Exploits0References8
Tenable Nessus
Tenable Nessus
added 2025/09/09 12:0 a.m.2 views

TYPO3 11.0.0 < 11.5.48 ELTS / 12.0.0 < 12.4.37 / 13.0.0 < 13.4.18 (TYPO3-CORE-SA-2025-023)

The version of TYPO3 installed on the remote host is 11.0.0 prior to 11.5.48 ELTS / 12.0.0 prior to 12.4.37 / 13.0.0 prior to 13.4.18. It is, therefore, affected by a vulnerability as referenced in the TYPO3-CORE-SA-2025-023 advisory. - Missing authorization checks in the CSV download feature of...

5.3CVSS5.6AI score0.00214EPSS
Exploits0References2
NVD
NVD
added 2025/08/12 3:15 a.m.29 views

CVE-2025-42949

Due to a missing authorization check in the ABAP Platform, an authenticated user with elevated privileges could bypass authorization restrictions for common transactions by leveraging the SQL Console. This could enable an attacker to access and read the contents of database tables without proper...

4.9CVSS0.00291EPSS
Exploits0References2
CVE
CVE
added 2025/08/12 2:8 a.m.22 views

CVE-2025-42949

CVE-2025-42949 : A missing authorization check in the ABAP Platform could allow an authenticated user with elevated privileges to bypass authorization for common transactions via the SQL Console and read database table contents, exposing data confidentiality. The impact is limited to confidential...

4.9CVSS7.5AI score0.00291EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/08/12 12:0 a.m.12 views

PT-2025-32609 · Sap · Abap Platform

Name of the Vulnerable Software and Affected Versions: ABAP Platform affected versions not specified Description: A missing authorization check in the ABAP Platform allows an authenticated user with elevated privileges to bypass authorization restrictions for common transactions using the SQL...

4.9CVSS7.2AI score0.00291EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/07/10 1:30 a.m.5 views

CVE-2025-42952

SAP Business Warehouse and SAP Plug-In Basis allows an authenticated attacker to add fields to arbitrary SAP database tables and/or structures, potentially rendering the system unusable. On successful exploitation, an attacker can render the system unusable by triggering short dumps on login. Thi...

7.7CVSS7.1AI score0.00362EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/08 12:35 a.m.10 views

CVE-2025-42961 Missing Authorization check in SAP NetWeaver Application Server for ABAP

Due to a missing authorization check in SAP NetWeaver Application server for ABAP, an authenticated user with high privileges could exploit the insufficient validation of user permissions to access sensitive database tables. By leveraging overly permissive access configurations, unauthorized...

4.9CVSS0.00298EPSS
Exploits0References2
CVE
CVE
added 2025/07/08 12:34 a.m.20 views

CVE-2025-42952

CVE-2025-42952 affects SAP Business Warehouse and SAP Plug-In Basis. An authenticated attacker can add fields to arbitrary SAP database tables/structures, potentially rendering the system unusable by triggering short dumps on login. Availability impact is High; no read/change/delete of data is in...

7.7CVSS6.5AI score0.00362EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.3 views

SAP NetWeaver Application Server ABAP 安全漏洞

SAP NetWeaver Application Server ABAP is a platform for running and developing applications based on the ABAP language from SAP, Germany. A security vulnerability exists in SAP NetWeaver Application Server ABAP that stems from a lack of authorization checking, which could allow an overprivileged...

4.9CVSS6.3AI score0.00298EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.3 views

SAP Business Warehouse和SAP Plug-In Basis 安全漏洞

SAP Business Warehouse and SAP Plug-In Basis are both products of SAP, Germany.SAP Business Warehouse is a key component for executing business processes that allows users to design, implement, and manage business processes, ensure process compliance, and reduce the need for manual operations...

7.7CVSS6.7AI score0.00362EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/06/10 12:0 a.m.9 views

SAP Business Warehouse和SAP Plug-In Basis 安全漏洞

SAP Business Warehouse and SAP Plug-In Basis are both products of SAP, Germany.SAP Business Warehouse is a key component for executing business processes that allows users to design, implement, and manage business processes, ensure process compliance, and reduce the need for manual operations...

8.5CVSS6.5AI score0.00272EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/05/30 12:0 a.m.12 views

PT-2025-23236

Name of the Vulnerable Software and Affected Versions Lovable versions prior to 2025-04-15 Description An insufficient database Row-Level Security RLS policy allows remote unauthenticated attackers to read or write to arbitrary database tables of generated sites. Row-Level Security is a database...

9.3CVSS7.6AI score0.00709EPSS
Exploits3References55
Rows per page
Query Builder