EUVD-2025-14337

Malicious code in bioql PyPI...

EUVD-2025-14355

Malicious code in bioql PyPI...

CVE-2025-30012

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific encoding format. The servlet will then decode this malicious request which will result in...

CVE-2025-30010

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to craft a malicious link, which when clicked by a victim, redirects the browser to a malicious site. On successfu...

CVE-2025-30010

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to craft a malicious link, which when clicked by a victim, redirects the browser to a malicious site. On successfu...

CVE-2025-30009

he Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to execute malicious script in the victim�s browser. This vulnerability has low impact on confidentiality and...

CVE-2025-30012

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific encoding format. The servlet will then decode this malicious request which will result in...

CVE-2025-30011

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to send an malicious request to the application, which could disclose the internal version details of the affected...

CVE-2025-30018

The Live Auction Cockpit in SAP Supplier Relationship Management SRM allows an unauthenticated attacker to submit an application servlet request with a crafted XML file which when parsed, enables the attacker to access sensitive files and data. This vulnerability has a high impact on the...

CVE-2025-30011

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to send an malicious request to the application, which could disclose the internal version details of the affected...

CVE-2025-30018

CVE-2025-30018 affects SAP SRM Live Auction Cockpit. An unauthenticated attacker can submit a crafted XML servlet request; parsed input enables access to sensitive files/data. Root cause: improper parsing of XML in the application servlet. Impact is confined to confidentiality (high); no demonstr...

CVE-2025-30018 Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)

The Live Auction Cockpit in SAP Supplier Relationship Management SRM allows an unauthenticated attacker to submit an application servlet request with a crafted XML file which when parsed, enables the attacker to access sensitive files and data. This vulnerability has a high impact on the...

CVE-2025-30018 Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)

The Live Auction Cockpit in SAP Supplier Relationship Management SRM allows an unauthenticated attacker to submit an application servlet request with a crafted XML file which when parsed, enables the attacker to access sensitive files and data. This vulnerability has a high impact on the...

CVE-2025-30012

CVE-2025-30012 affects the SAP SRM Live Auction Cockpit component, where a deprecated Java applet enables an unauthenticated attacker to trigger deserialization of a crafted payload, leading to execution of arbitrary OS commands with SAP Administrator privileges. The cited impact is high on confi...

CVE-2025-30011 Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to send an malicious request to the application, which could disclose the internal version details of the affected...

CVE-2025-30011

SAP SRM Live Auction Cockpit is affected by a vulnerability due to a deprecated Java applet component that allows an unauthenticated attacker to send a malicious request to disclose internal system version details. The impact is described as low confidentiality impact with no effect on integrity ...

CVE-2025-30011 Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to send an malicious request to the application, which could disclose the internal version details of the affected...

CVE-2025-30010

CVE-2025-30010 affects SAP Supplier Relationship Management (SRM) Live Auction Cockpit, where a deprecated Java applet enables an unauthenticated attacker to craft a link that redirects a victim’s browser to a malicious site. The reported impact is low confidentiality and integrity, with no avail...

CVE-2025-30010 Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)

The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to craft a malicious link, which when clicked by a victim, redirects the browser to a malicious site. On successfu...

CVE-2025-30009 Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)

he Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to execute malicious script in the victim�s browser. This vulnerability has low impact on confidentiality and...