Lucene search
+L

78 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-27228

Malicious code in bioql PyPI...

8.8CVSS6.3AI score0.00276EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/16 12:0 a.m.8 views

Liferay Portal和Liferay DXP 安全漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

6.9CVSS6.4AI score0.00271EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/11 2:9 a.m.5 views

CVE-2025-42912

SAP HCM My Timesheet Fiori 2.0 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This issue has a significant impact on the application's integrity, while confidentiality and availability remain unaffected...

6.5CVSS6.9AI score0.00216EPSS
Exploits0References1
NVD
NVD
added 2025/09/09 9:15 a.m.30 views

CVE-2025-59018

Missing authorization checks in the Workspace Module of TYPO3 CMS versions 9.0.0‑9.5.54, 10.0.0‑10.4.53, 11.0.0‑11.5.47, 12.0.0‑12.4.36, and 13.0.0‑13.4.17 allow backend users to directly invoke the corresponding AJAX backend route to disclose sensitive information without having access...

7.1CVSS0.00266EPSS
Exploits0References1
OSV
OSV
added 2025/08/25 2:15 p.m.5 views

CVE-2025-45968

An issue in System PDV v1.0 allows a remote attacker to obtain sensitive information via the hash parameter in a URL. The application contains an Insecure Direct Object Reference IDOR vulnerability, which occurs due to a lack of proper authorization checks when accessing objects referenced by thi...

9.8CVSS5.8AI score0.00584EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/07/08 12:0 a.m.9 views

SAP NetWeaver 安全漏洞

SAP NetWeaver is a set of integrated service-oriented application platforms from SAP, Germany. The platform primarily provides a development and runtime environment for SAP applications. A security vulnerability exists in SAP NetWeaver, which stems from a lack of authorization checks and allows...

4.3CVSS6.7AI score0.0023EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 2:34 a.m.9 views

CVE-2023-1874

The WP Data Access plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.3.7. This is due to a lack of authorization checks on the multiplerolesupdate function. This makes it possible for authenticated attackers, with minimal permissions such as a...

8.8CVSS6AI score0.02726EPSS
Exploits3References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:45 p.m.10 views

CVE-2020-6188

VAT Pro-Rata reports in SAP ERP SAPAPPL versions 600, 602, 603, 604, 605, 606, 616 and SAPFIN versions 617, 618, 700, 720, 730 and SAP S/4 HANA versions 100, 101, 102, 103, 104 do not perform necessary authorization checks for an authenticated user leading to Missing Authorization Check...

8.8CVSS6.8AI score0.00676EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/13 12:0 a.m.14 views

SAP ERP HCM和SAP S/4HANA 安全漏洞

SAP ERP HCM and SAP S/4HANA are both products of SAP, an enterprise human resource management solution, and SAP S/4HANA, an enterprise resource management software based on the SAP HANA in-memory database system. SAP ERP HCM and SAP S/4HANA have an authorization issue vulnerability that stems fro...

5.8CVSS6.3AI score0.00307EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.5 views

SAP Just In Time 安全漏洞

SAP Just In Time SAP JIT is an application from SAP, Germany, designed to enable efficient demand-driven production and logistics throughout the supply chain. A security vulnerability exists in SAP Just In Time that stems from a failure to perform required authorization checks, which could result...

3.1CVSS6.7AI score0.00205EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.5 views

SAP Business Warehouse 安全漏洞

SAP Business Warehouse is a key component for executing business processes from SAP, Germany, that allows users to design, implement, and manage business processes, ensure process compliance, and reduce the need for manual operations through automation. A security vulnerability exists in SAP...

5.7CVSS6.7AI score0.00205EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.8 views

PT-2025-1182 · Sap · Sap Netweaver Application Server Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server ABAP affected versions not specified Description: The issue is related to an obsolete functionality in SAP NetWeaver Application Server ABAP that did not perform necessary authorization checks. This allows an...

4.3CVSS6.7AI score0.00265EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2025/01/01 12:0 a.m.4 views

PT-2025-42566

Name of the Vulnerable Software and Affected Versions mediawiki affected versions not specified Description The software contains a flaw related to missing authorization checks for the extracts endpoint. This could potentially allow unauthorized access to data. Recommendations At the moment, ther...

6.9CVSS6.3AI score0.00332EPSS
Exploits0References15
CNNVD
CNNVD
added 2024/12/11 12:0 a.m.4 views

Rapid7 Insight Platform 安全漏洞

Rapid7 Insight Platform is a platform for managing profiles, users, products, API keys and settings from Rapid7 USA. Rapid7 Insight Platform has a security vulnerability that stems from a lack of authorization checks. An attacker can exploit the vulnerability to elevate privileges...

5.3CVSS6.8AI score0.00323EPSS
Exploits0References1
NVD
NVD
added 2024/08/13 4:15 a.m.23 views

CVE-2024-33005

Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server ABAP and Java, and SAP Content Server can impersonate other users and may perform some unintended actions. This could lead to a low impact on confidentiality and a...

6.3CVSS0.00208EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/07/22 12:0 a.m.8 views

PT-2024-37877 · National Instruments · Ni Veristand

Name of the Vulnerable Software and Affected Versions: NI VeriStand versions 2024 Q2 and prior Description: The issue is related to missing authorization checks in the NI VeriStand Gateway when accessing Project resources, potentially leading to remote code execution. Recommendations: For NI...

9.8CVSS8.1AI score0.01019EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.5 views

SAP S/4HANA Security Vulnerabilities

SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP, Germany. A security vulnerability exists in SAP S/4HANA that stems from a failure to perform the required authorization checks for authenticated users, resulting in an escalation of...

5.4CVSS6.8AI score0.00296EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/14 12:0 a.m.4 views

SAP S/4 HANA 安全漏洞

SAP S/4 HANA is an intelligent, integrated ERP software for large enterprises from SAP, a German company. A security vulnerability exists in SAP S/4 HANA that stems from not performing the required authorization checks on authenticated users, which can lead to privilege escalation...

4.3CVSS6.6AI score0.00286EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/04/26 12:0 a.m.6 views

PT-2024-24817 · Sap · Sap Enable Now Manager

Name of the Vulnerable Software and Affected Versions: SAP Enable Now Manager affected versions not specified Description: The issue is related to the lack of necessary authorization checks for authenticated users, leading to escalation of privileges. An attacker with the 'Learner' role could...

6.5CVSS7.3AI score0.00552EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/01/09 12:0 a.m.8 views

SAP LT Replication Server 授权问题漏洞

SAP LT Replication Server is a solution from SAP Germany. An authorization issue vulnerability exists in SAP LT Replication Server that stems from not performing required authorization checks. An attacker with elevated privileges could exploit the vulnerability to perform malicious actions,...

7.3CVSS6.7AI score0.00396EPSS
Exploits0References3
Rows per page
Query Builder