128 matches found
EUVD-2025-10095
Malicious code in bioql PyPI...
EUVD-2021-8740
Malicious code in bioql PyPI...
EUVD-2025-27199
Malicious code in bioql PyPI...
CVE-2025-42930
SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop, consuming excessive resources and resulting in system unavailability. This leads to high impact on the availability of the application, there...
CVE-2025-42930
SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop, consuming excessive resources and resulting in system unavailability. This leads to high impact on the availability of the application, there...
CVE-2025-42911
SAP NetWeaver Service Data Download allows an authenticated user to call a remote-enabled function module, which could grant access to information about the SAP system and operating system. This leads to a low impact on confidentiality, with no effect on the integrity and availability of the...
CVE-2025-42930 Denial of Service (DoS) vulnerability in SAP Business Planning and Consolidation
SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop, consuming excessive resources and resulting in system unavailability. This leads to high impact on the availability of the application, there...
CVE-2025-42930 Denial of Service (DoS) vulnerability in SAP Business Planning and Consolidation
SAP Business Planning and Consolidation allows an authenticated standard user to call a function module by crafting specific parameters that causes a loop, consuming excessive resources and resulting in system unavailability. This leads to high impact on the availability of the application, there...
CVE-2025-42930
CVE-2025-42930 concerns SAP Business Planning and Consolidation. An authenticated standard user can trigger a loop by crafting specific parameters to a function module, causing resource exhaustion and high availability impact. The vulnerability is a DoS risk with no confidentiality/ integrity imp...
CVE-2025-42911 Missing Authorization check in SAP NetWeaver (Service Data Download)
SAP NetWeaver Service Data Download allows an authenticated user to call a remote-enabled function module, which could grant access to information about the SAP system and operating system. This leads to a low impact on confidentiality, with no effect on the integrity and availability of the...
CVE-2025-42911 Missing Authorization check in SAP NetWeaver (Service Data Download)
SAP NetWeaver Service Data Download allows an authenticated user to call a remote-enabled function module, which could grant access to information about the SAP system and operating system. This leads to a low impact on confidentiality, with no effect on the integrity and availability of the...
PT-2025-36559
Name of the Vulnerable Software and Affected Versions: SAP Business Planning and Consolidation affected versions not specified Description: SAP Business Planning and Consolidation is susceptible to a resource exhaustion issue. An authenticated standard user can trigger this issue by manipulating...
CVE-2025-42950
SAP Landscape Transformation (SLT) is affected by a CVE-2025-42950 vulnerability in which an attacker with user privileges can exploit a flaw in a function module exposed via RFC to inject arbitrary ABAP code, bypassing authorization checks and potentially compromising confidentiality, integrity,...
CVE-2025-42986
Due to a missing authorization check in an obsolete RFC enabled function module in SAP BASIS, an authenticated low-privileged attacker could call a Remote Function Call RFC, potentially accessing restricted system information. This results in low impact on confidentiality, with no impact on...
CVE-2025-42968
SAP NetWeaver allows an authenticated non-administrative user to call the remote-enabled function module which could grants access to non-sensitive information about the SAP system and OS without requiring any specific knowledge or controlled conditions. This leads to a low impact on...
CVE-2025-42968 Missing Authorization check in SAP NetWeaver (RFC enabled function module)
SAP NetWeaver allows an authenticated non-administrative user to call the remote-enabled function module which could grants access to non-sensitive information about the SAP system and OS without requiring any specific knowledge or controlled conditions. This leads to a low impact on...
CVE-2025-42968 Missing Authorization check in SAP NetWeaver (RFC enabled function module)
SAP NetWeaver allows an authenticated non-administrative user to call the remote-enabled function module which could grants access to non-sensitive information about the SAP system and OS without requiring any specific knowledge or controlled conditions. This leads to a low impact on...
SAP NetWeaver 安全漏洞
SAP NetWeaver is a set of integrated service-oriented application platforms from SAP, Germany. The platform primarily provides a development and runtime environment for SAP applications. A security vulnerability exists in SAP NetWeaver that originates from an authenticated, non-administrative use...
CVE-2024-45285
The RFC enabled function module allows a low privileged user to perform denial of service on any user and also change or delete favourite nodes. By sending a crafted packet in the function module targeting specific parameters, the specific targeted user will no longer have access to any...
CVE-2024-44115
The RFC enabled function module allows a low privileged user to add URLs to any user's workplace favourites. This vulnerability could be utilized to identify usernames and access information about targeted user's workplaces, and nodes. There is low impact on integrity of the application...