Lucene search
K

7 matches found

Cvelist
Cvelist
added 2025/10/14 12:18 a.m.9 views

CVE-2025-42939 Missing Authorization Check in SAP S/4HANA (Manage Processing Rules - For Bank Statements)

SAP S/4HANA Manage Processing Rules - For Bank Statements allows an authenticated attacker with basic privileges to delete conditions from any shared rule of any user by tampering the request parameter. Due to missing authorization check, the attacker can delete shared rule conditions that should...

4.3CVSS0.00209EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-32654

Malicious code in bioql PyPI...

9.6CVSS9.1AI score0.01668EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/07/12 7:24 p.m.10 views

CVE-2025-53709

Secure-upload is a data submission service that validates single-use tokens when accepting submissions to channels. The service only installed on a small number of environments. Under specific circumstances, privileged users of secure-upload could have selected email templates not necessarily...

5.4CVSS7.3AI score0.00166EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/10 6:38 p.m.3 views

CVE-2025-53709 Access control issues impacting secure-upload service

Secure-upload is a data submission service that validates single-use tokens when accepting submissions to channels. The service only installed on a small number of environments. Under specific circumstances, privileged users of secure-upload could have selected email templates not necessarily...

5.4CVSS6.6AI score0.00166EPSS
Exploits0References1
CVE
CVE
added 2025/07/10 6:38 p.m.21 views

CVE-2025-53709

The CVE-2025-53709 entries describe a privilege/authorization issue in Palantir Secure-upload, a data submission service installed on a limited set of environments. Affected component: Secure-upload before version 0.815.0. Reported problems include: privileged users could select email templates n...

5.4CVSS6.6AI score0.00166EPSS
Exploits0References1
PyPA
PyPA
added 2017/08/18 6:29 p.m.22 views

PYSEC-2017-11

Cross-site request forgery CSRF vulnerability in django CMS before 3.0.14, 3.1.x before 3.1.1 allows remote attackers to manipulate privileged users into performing unknown actions via unspecified vectors...

8.8CVSS7AI score0.01036EPSS
Exploits0References4Affected Software1
Imperva Blog
Imperva Blog
added 2017/05/02 3:30 p.m.44 views

Why Care About Data-Centric Security?

It’s no surprise that data breaches are evolving and becoming increasingly more complex. According to the Verizon 2017 Data Breach Investigation Report, data breaches are “complex affairs often involving some combination of human factors, hardware devices, exploited configurations or malicious...

6.7AI score
Exploits0
Rows per page
Query Builder