EUVD-2025-60993

Due to missing authentication, SAP HANA 2.0 hdbrss allows an unauthenticated attacker to call a remote-enabled function that will enable them to view information. As a result, it has a low impact on the confidentiality but no impact on the integrity and availability of the system...

CVE-2025-42903

CVE-2025-42903 pertains to SAP Financial Service Claims Management via the RFC function ICL_USER_GET_NAME_AND_ADDRESS. The issue allows user enumeration and potential disclosure of personal data due to response discrepancies, with low confidentiality impact and no impact to integrity or availabil...

CVE-2025-42903 User Enumeration and Sensitive Data Exposure via RFC Function in SAP Financial Service Claims Management

A vulnerability in SAP Financial Service Claims Management RFC function ICLUSERGETNAMEANDADDRESS allows user enumeration and potential disclosure of personal data through response discrepancies, causing low impact on confidentiality with no impact on integrity or availability...

EUVD-2025-10108

Malicious code in bioql PyPI...

EUVD-2024-52331

Malicious code in bioql PyPI...

EUVD-2025-20330

Malicious code in bioql PyPI...

EUVD-2025-24206

Malicious code in bioql PyPI...

CVE-2025-42911

SAP NetWeaver Service Data Download allows an authenticated user to call a remote-enabled function module, which could grant access to information about the SAP system and operating system. This leads to a low impact on confidentiality, with no effect on the integrity and availability of the...

VulnCheck KEV: CVE-2025-42957

SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating...

CVE-2025-42950

SAP Landscape Transformation SLT allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as...

CVE-2025-42957

SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating...

CVE-2025-42957

SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating...

CVE-2025-42950

SAP Landscape Transformation SLT allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as...

CVE-2025-42957

CVE-2025-42957 affects SAP S/4HANA with a vulnerability in a function module exposed via RFC that allows an authenticated user to inject arbitrary ABAP code, bypassing authorization checks and potentially taking full control of the SAP environment. The flaw can impact confidentiality, integrity, ...

CVE-2025-42957 Code Injection vulnerability in SAP S/4HANA (Private Cloud or On-Premise)

SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating...

CVE-2025-42950 Code Injection Vulnerability in SAP Landscape Transformation (Analysis Platform)

SAP Landscape Transformation SLT allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as...

CVE-2025-42950

SAP Landscape Transformation (SLT) is affected by a CVE-2025-42950 vulnerability in which an attacker with user privileges can exploit a flaw in a function module exposed via RFC to inject arbitrary ABAP code, bypassing authorization checks and potentially compromising confidentiality, integrity,...

CVE-2025-42950 Code Injection Vulnerability in SAP Landscape Transformation (Analysis Platform)

SAP Landscape Transformation SLT allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as...

PT-2025-32610

Name of the Vulnerable Software and Affected Versions: SAP Landscape Transformation SLT affected versions not specified Description: SAP Landscape Transformation SLT allows an attacker with user privileges to exploit a flaw in a function module exposed via Remote Function Call RFC. This enables t...

PT-2025-32613

Name of the Vulnerable Software and Affected Versions SAP S/4HANA versions prior to August 2025 Description SAP S/4HANA contains a critical vulnerability that allows an attacker with user privileges to exploit a flaw in a function module exposed via RFC. This allows the injection of arbitrary ABA...