36947 matches found
EUVD-2026-10459
Due to a Missing Authorization Check in SAP Business Warehouse Service API, an authenticated attacker could perform unauthorized actions via an affected RFC function module. Successful exploitation could enable unauthorized configuration and control changes, potentially disrupting request...
EUVD-2026-10458
Due to a Missing Authorization Check in SAP Business Warehouse Service API, an authenticated attacker could perform unauthorized actions via an affected RFC function module. Successful exploitation could enable unauthorized configuration and control changes, potentially disrupting request...
EUVD-2026-10456
SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the host system...
EUVD-2026-10457
SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the host system...
EUVD-2026-10449
SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...
GO-2026-4583 malcontent: Error-path cleanup gap can leak scanners and fds and degrade availability in github.com/chainguard-dev/malcontent
malcontent: Error-path cleanup gap can leak scanners and fds and degrade availability in github.com/chainguard-dev/malcontent...
CVE-2026-27685
SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the host system...
CVE-2026-24316
SAP NetWeaver Application Server for ABAP provides an ABAP Report for testing purposes, which allows to send HTTP requests to arbitrary internal or external endpoints. The report is therefore vulnerable to Server-Side Request Forgery SSRF. Successful exploitation could lead to interaction with...
CVE-2026-2273
CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...
CVE-2026-2273
CWE-94: Improper Control of Generation of Code 'Code Injection' vulnerability exist that could cause execution of untrusted commands on the engineering workstation which could result in a limited compromise of the workstation and a potential loss of Confidentiality, Integrity and Availability of...
Description of the security update for Word 2016: March 10, 2026 (KB5002848)
Description of the security update for Word 2016: March 10, 2026 KB5002848 Summary This security update resolves a Microsoft Office remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposures CVE-2026-26113. Note: To apply this...
CVE-2026-27686 Missing Authorization check in SAP Business Warehouse (Service API)
Due to a Missing Authorization Check in SAP Business Warehouse Service API, an authenticated attacker could perform unauthorized actions via an affected RFC function module. Successful exploitation could enable unauthorized configuration and control changes, potentially disrupting request...
CVE-2026-27686
Due to a Missing Authorization Check in SAP Business Warehouse Service API, an authenticated attacker could perform unauthorized actions via an affected RFC function module. Successful exploitation could enable unauthorized configuration and control changes, potentially disrupting request...
CVE-2026-27686 Missing Authorization check in SAP Business Warehouse (Service API)
Due to a Missing Authorization Check in SAP Business Warehouse Service API, an authenticated attacker could perform unauthorized actions via an affected RFC function module. Successful exploitation could enable unauthorized configuration and control changes, potentially disrupting request...
CVE-2026-24316
CVE-2026-24316 describes a Server-Side Request Forgery in SAP NetWeaver Application Server for ABAP. An ABAP Report used for testing can send HTTP requests to arbitrary internal or external endpoints, enabling interaction with potentially sensitive internal endpoints. The documented impact is low...
CVE-2026-24309 Missing Authorization check in SAP NetWeaver Application Server for ABAP
Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the database configuration table of the ABAP system. This unauthorized content change could lead to reduced...
Multiple vulnerabilities exist in the Siemens SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP add-on GNU/Linux subsystem.
The SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP is the central processing unit CPU of the Siemens S7-1500 series for high-performance, communication-demanding and complex automation tasks. Multiple vulnerabilities exist in the Siemens SIMATIC S7-1500 CPU 1518F-4 PN/DP MFP add-on GNU/Linux subsystem,...
Multiple Vulnerabilities in Siemens RUGGEDCOM APE1808 Device Fortigate NGFW
The RUGGEDCOM APE1808 is a powerful utility-grade application hosting platform that allows you to deploy a wide range of commercial applications for edge computing and cybersecurity in demanding industrial environments. Siemens RUGGEDCOM APE1808 appliance Fortigate NGFW has multiple vulnerabiliti...
Siemens SIDIS Prime has multiple vulnerabilities
SIDIS is a commissioning and testing system for vehicle production that meets the needs of digital assembly and testing of vehicle ECUs. Multiple vulnerabilities exist in Siemens SIDIS Prime versions prior to V4.0.800, which can be exploited by attackers to compromise the confidentiality, integri...
SAP NetWeaver Enterprise Portal Administration 代码问题漏洞
SAP NetWeaver Enterprise Portal Administration is an access control software developed by the German company SAP. There is a code vulnerability in SAP NetWeaver Enterprise Portal Administration. This vulnerability arises from privileged users uploading untrusted or malicious content, which may...