7 matches found
CVE-2025-42939 Missing Authorization Check in SAP S/4HANA (Manage Processing Rules - For Bank Statements)
SAP S/4HANA Manage Processing Rules - For Bank Statements allows an authenticated attacker with basic privileges to delete conditions from any shared rule of any user by tampering the request parameter. Due to missing authorization check, the attacker can delete shared rule conditions that should...
EUVD-2023-32654
Malicious code in bioql PyPI...
CVE-2025-53709
Secure-upload is a data submission service that validates single-use tokens when accepting submissions to channels. The service only installed on a small number of environments. Under specific circumstances, privileged users of secure-upload could have selected email templates not necessarily...
CVE-2025-53709 Access control issues impacting secure-upload service
Secure-upload is a data submission service that validates single-use tokens when accepting submissions to channels. The service only installed on a small number of environments. Under specific circumstances, privileged users of secure-upload could have selected email templates not necessarily...
CVE-2025-53709
The CVE-2025-53709 entries describe a privilege/authorization issue in Palantir Secure-upload, a data submission service installed on a limited set of environments. Affected component: Secure-upload before version 0.815.0. Reported problems include: privileged users could select email templates n...
PYSEC-2017-11
Cross-site request forgery CSRF vulnerability in django CMS before 3.0.14, 3.1.x before 3.1.1 allows remote attackers to manipulate privileged users into performing unknown actions via unspecified vectors...
Why Care About Data-Centric Security?
It’s no surprise that data breaches are evolving and becoming increasingly more complex. According to the Verizon 2017 Data Breach Investigation Report, data breaches are “complex affairs often involving some combination of human factors, hardware devices, exploited configurations or malicious...