CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

231 matches found

Positive Technologies•added 2026/01/13 12:0 a.m.•3 views

PT-2026-2340

Name of the Vulnerable Software and Affected Versions Application Server ABAP and ABAP Platform affected versions not specified Description A missing authorization check exists in Application Server ABAP and ABAP Platform. An authenticated attacker can misuse an RFC function to execute form...

8.1CVSS6.6AI score0.00074EPSS

Exploits0References5

RedhatCVE•added 2026/01/09 8:48 a.m.•3 views

CVE-2025-23186

In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call RFC request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely...

8.5CVSS7AI score0.00246EPSS

Exploits0References1

RedhatCVE•added 2025/12/10 2:32 a.m.•2 views

CVE-2025-42880

Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. This could provide the attacker with full control of the system hence leading to high impact on confidentiality, integrity and availabilit...

9.9CVSS6.7AI score0.00126EPSS

Exploits0References1

Cvelist•added 2025/12/09 2:15 a.m.•22 views

CVE-2025-42880 Code Injection vulnerability in SAP Solution Manager

9.9CVSS0.00126EPSS

Exploits0References2

CVE•added 2025/12/09 2:15 a.m.•11 views

CVE-2025-42880

CVE-2025-42880 concerns SAP Solution Manager. Underlying issue is missing input sanitation that allows an authenticated attacker to insert arbitrary code when calling a remote-enabled function module, potentially giving full control of the system and high impact to confidentiality, integrity, and...

9.9CVSS6.4AI score0.00126EPSS

Exploits0References2

Vulnrichment•added 2025/12/09 2:15 a.m.•3 views

CVE-2025-42880 Code Injection vulnerability in SAP Solution Manager

9.9CVSS6.4AI score0.00126EPSS

Exploits0References2

Positive Technologies•added 2025/12/09 12:0 a.m.•2 views

PT-2025-49769

Name of the Vulnerable Software and Affected Versions SAP Solution Manager affected versions not specified Description SAP Solution Manager is susceptible to a code injection issue stemming from inadequate input sanitation. An authenticated attacker can inject malicious code when invoking a...

9.9CVSS8AI score0.00126EPSS

Exploits0References11

RedhatCVE•added 2025/11/12 12:36 a.m.•3 views

CVE-2025-42885

Due to missing authentication, SAP HANA 2.0 hdbrss allows an unauthenticated attacker to call a remote-enabled function that will enable them to view information. As a result, it has a low impact on the confidentiality but no impact on the integrity and availability of the system...

5.8CVSS6.7AI score0.0008EPSS

Exploits0References1

RedhatCVE•added 2025/11/12 12:36 a.m.•1 views

CVE-2025-42887

9.9CVSS6.6AI score0.00084EPSS

Exploits0References1

EUVD•added 2025/11/11 3:30 a.m.•1 views

EUVD-2025-60993

5.8CVSS6.3AI score0.0008EPSS

Exploits0References3

EUVD•added 2025/11/11 3:30 a.m.•1 views

EUVD-2025-60991

9.9CVSS6.3AI score0.00084EPSS

Exploits0References3

NVD•added 2025/11/11 1:15 a.m.•4 views

CVE-2025-42887

9.9CVSS0.00084EPSS

Exploits0References2

Cvelist•added 2025/11/11 12:14 a.m.•4 views

CVE-2025-42887 Code Injection vulnerability in SAP Solution Manager

9.9CVSS0.00084EPSS

Exploits0References2

CVE•added 2025/11/11 12:14 a.m.•8 views

CVE-2025-42887

CVE-2025-42887 affects SAP Solution Manager. The vulnerability is a code-injection flaw caused by missing input sanitization when an authenticated user calls a remote-enabled function module, potentially allowing full system compromise with high impact to confidentiality, integrity, and availabil...

9.9CVSS6.4AI score0.00084EPSS

Exploits0References2

Vulnrichment•added 2025/11/11 12:14 a.m.•1 views

CVE-2025-42887 Code Injection vulnerability in SAP Solution Manager

9.9CVSS6.2AI score0.00084EPSS

Exploits0References2

Positive Technologies•added 2025/11/11 12:0 a.m.•4 views

PT-2025-46228

Name of the Vulnerable Software and Affected Versions SAP Solution Manager affected versions not specified Description SAP Solution Manager is susceptible to a code injection issue stemming from inadequate input sanitization. An authenticated attacker can inject malicious code by calling a...

9.9CVSS6.7AI score0.00084EPSS

Exploits0References21

Positive Technologies•added 2025/11/11 12:0 a.m.•2 views

PT-2025-46226

Name of the Vulnerable Software and Affected Versions SAP HANA version 2.0 Description SAP HANA 2.0 hdbrss is affected by a missing authentication mechanism. This allows an unauthenticated attacker to call a remote-enabled function and view information. The issue has a low impact on...

5.8CVSS6.4AI score0.0008EPSS

Exploits0References6

Vulnrichment•added 2025/10/14 12:17 a.m.•2 views

CVE-2025-42903 User Enumeration and Sensitive Data Exposure via RFC Function in SAP Financial Service Claims Management

A vulnerability in SAP Financial Service Claims Management RFC function ICLUSERGETNAMEANDADDRESS allows user enumeration and potential disclosure of personal data through response discrepancies, causing low impact on confidentiality with no impact on integrity or availability...

4.3CVSS6.3AI score0.00038EPSS

Exploits0References2

CVE•added 2025/10/14 12:17 a.m.•7 views

CVE-2025-42903

CVE-2025-42903 pertains to SAP Financial Service Claims Management via the RFC function ICL_USER_GET_NAME_AND_ADDRESS. The issue allows user enumeration and potential disclosure of personal data due to response discrepancies, with low confidentiality impact and no impact to integrity or availabil...

4.3CVSS6.3AI score0.00038EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2016-4660

Malware in sbrugna...

7.5CVSS7.6AI score0.00592EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by