CVE-2025-42906

CVE-2025-42906 corresponds to a path traversal vulnerability in SAP Commerce Cloud that could allow access to web applications (e.g., Administration Console) from non-deployed addresses, bypassing access controls. The provided documents describe a low confidentiality impact with no integrity or a...

EUVD-2025-24209

Malicious code in bioql PyPI...

CVE-2025-42946

Due to directory traversal vulnerability in SAP S/4HANA Bank Communication Management, an attacker with high privileges and access to a specific transaction and method in Bank Communication Management could gain unauthorized access to sensitive operating system files. This could allow the attacke...

CVE-2025-42946

Due to directory traversal vulnerability in SAP S/4HANA Bank Communication Management, an attacker with high privileges and access to a specific transaction and method in Bank Communication Management could gain unauthorized access to sensitive operating system files. This could allow the attacke...

CVE-2024-51953

There is a stored Cross-site Scripting vulnerability in ArcGIS Server for versions 11.3 and below that may allow a remote, authenticated attacker to create a stored crafted link which when clicked could potentially execute arbitrary JavaScript code in the victim’s browser. The privileges required...

CVE-2024-37345

There is a cross-site scripting vulnerability in the Secure Access administrative UI of Absolute Secure Access prior to version 13.06. Attackers can pass a limited-length script to the administrative UI which is then stored where an administrator can access it. The scope is unchanged, there is no...