Lucene search
K

9 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.9 views

CVE-2026-27677

Due to missing authorization checks in the SAP S/4HANA OData Service Manage Reference Equipment, an attacker could update and delete child entities via OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not...

6.5CVSS5.5AI score0.00181EPSS
Exploits0References1
CVE
CVE
added 2026/04/14 12:7 a.m.13 views

CVE-2026-27679

CVE-2026-27679 affects the SAP S/4HANA frontend OData Service (Manage Reference Structures). Missing authorization checks allow an attacker to update and delete child entities via exposed OData services, impacting integrity (I: High) with no confidentiality or availability impact stated. CVSS v3....

6.5CVSS5.8AI score0.00181EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2025/11/11 5:15 p.m.4 views

CVE-2025-24918

Improper link resolution before file access 'link following' for some IntelR Server Configuration Utility software and IntelR Server Firmware Update Utility software before version 16.0.12. within Ring 3: User Applications may allow an escalation of privilege. System software adversary with an...

6.7CVSS0.00111EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/11 4:50 p.m.9 views

CVE-2025-24848

Protection mechanism failure for some IntelR CIP software before version WINDCA2.4.0.11001 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This...

6.3CVSS0.00107EPSS
Exploits0References1
NVD
NVD
added 2025/05/28 9:15 p.m.15 views

CVE-2025-27702

CVE-2025-27702 is a vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access to the console and who have been assigned a certain set of permissions can bypass those permissions to improperly modify settings. The attack complexi...

6.9CVSS0.00258EPSS
Exploits0References1
NVD
NVD
added 2025/05/28 9:15 p.m.15 views

CVE-2025-27703

CVE-2025-27703 is a privilege escalation vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access to a specific subset of privileged features in the console can elevate their permissions to access additional features in the...

7CVSS0.00254EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/28 8:56 p.m.24 views

CVE-2025-27703 Privilege escalation in the management console of Absolute Secure Access prior to version 13.54

CVE-2025-27703 is a privilege escalation vulnerability in the management console of Absolute Secure Access prior to version 13.54. Attackers with administrative access to a specific subset of privileged features in the console can elevate their permissions to access additional features in the...

7CVSS0.00254EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/03 7:58 p.m.8 views

CVE-2024-51962 SQL injection vulnerability in ArcGIS Server

A SQL injection vulnerability in ArcGIS Server allows an EDIT operation to modify column properties in a manner that could lead to SQL injection when performed by a remote authenticated user requiring elevated, non‑administrative privileges. Exploitation is restricted to users with advanced...

8.7CVSS5.8AI score0.00472EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/02/09 7:19 p.m.27 views

Security Bulletin: Multiple vulnerabilities affect IBM® Semeru Runtime

Summary This bulletin covers all applicable Java SE CVEs published by OpenJDK as part of their January 2024 Vulnerability Advisory, plus CVE-2024-22361. For more information please refer to OpenJDK's January 2024 Vulnerability Advisory and the X-Force database entries referenced below...

7.5CVSS6.7AI score0.01026EPSS
Exploits0Affected Software1
Rows per page
Query Builder