94 matches found
CVE-2026-24323
The BSP applications allow an unauthenticated user to inject malicious script content via user-controlled URL parameters that are not sufficiently sanitized. When a victim accesses a crafted URL, the injected script is executed in the victim�s browser, leading to a low impact on confidentiality a...
CVE-2026-24327 Missing Authorization Check in SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application)
Due to missing authorization check in SAP Strategic Enterprise Management Balanced Scorecard in Business Server Pages, an authenticated attacker could access information that they are otherwise unauthorized to view. This leads to low impact on confidentiality and no effect on integrity or...
CVE-2026-24323
CVE-2026-24323 affects BSP applications of SAP Document Management System. An unauthenticated user can inject malicious script via user-controlled URL parameters that are not sufficiently sanitized, causing script execution in the victim’s browser. Impact is described as low for confidentiality a...
CVE-2026-24323 Multiple vulnerabilities in BSP Applications of SAP Document Management System
The BSP applications allow an unauthenticated user to inject malicious script content via user-controlled URL parameters that are not sufficiently sanitized. When a victim accesses a crafted URL, the injected script is executed in the victim�s browser, leading to a low impact on confidentiality a...
CVE-2026-24323 Multiple vulnerabilities in BSP Applications of SAP Document Management System
The BSP applications allow an unauthenticated user to inject malicious script content via user-controlled URL parameters that are not sufficiently sanitized. When a victim accesses a crafted URL, the injected script is executed in the victim�s browser, leading to a low impact on confidentiality a...
CVE-2026-0505 Multiple vulnerabilities in BSP Applications of SAP Document Management System
The BSP applications allow an unauthenticated user to manipulate user-controlled URL parameters that are not sufficiently validated. This could result in unvalidated redirection to attacker-controlled websites, leading to a low impact on confidentiality and integrity, and no impact on the...
CVE-2026-0505 Multiple vulnerabilities in BSP Applications of SAP Document Management System
The BSP applications allow an unauthenticated user to manipulate user-controlled URL parameters that are not sufficiently validated. This could result in unvalidated redirection to attacker-controlled websites, leading to a low impact on confidentiality and integrity, and no impact on the...
CVE-2026-0505
CVE-2026-0505 affects BSP applications where unauthenticated users can manipulate user-controlled URL parameters that are not sufficiently validated, resulting in unvalidated redirects to attacker-controlled websites. Root cause: insufficient validation of URL parameters. Impact per provided metr...
CVE-2023-25614
SAP NetWeaver AS ABAP BSP Framework application - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allow an unauthenticated attacker to inject the code that can be executed by the application over the network. On successful exploitation it can gain access to the sensitive...
EUVD-2020-3612
Malware in sbrugna...
EUVD-2020-3611
Malware in sbrugna...
EUVD-2020-3613
Malware in sbrugna...
EUVD-2022-30307
Malicious code in bioql PyPI...
EUVD-2023-28547
Malicious code in bioql PyPI...
EUVD-2023-42353
Malicious code in bioql PyPI...
DEBIAN-CVE-2025-39681
In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Add missing resctrlcpudetect in bspinit helper Since 923f3a2b48bd "x86/resctrl: Query LLC monitoring properties once during boot" resctrlcpudetect has been moved from common CPU initialization code to the...
CVE-2025-39681
In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Add missing resctrlcpudetect in bspinit helper Since 923f3a2b48bd "x86/resctrl: Query LLC monitoring properties once during boot" resctrlcpudetect has been moved from common CPU initialization code to the...
UBUNTU-CVE-2025-39681
In the Linux kernel, the following vulnerability has been resolved: x86/cpu/hygon: Add missing resctrlcpudetect in bspinit helper Since 923f3a2b48bd "x86/resctrl: Query LLC monitoring properties once during boot" resctrlcpudetect has been moved from common CPU initialization code to the...
CVE-2025-39681
CVE-2025-39681 relates to the Linux kernel on x86 with Hygon CPUs. The root cause was a missing resctrl_cpu_detect() call in the Hygon BSP init path after resctrl_cpu_detect() was moved to vendor-specific init code. This caused a division-by-zero in get_rdt_mon_resources() during early boot due t...
CVE-2023-24529
Due to lack of proper input validation, BSP application CRMBSPFRAME - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75D, 75E, 75F, 75G, 75H, allow malicious inputs from untrusted sources, which can be leveraged by an attacker to execute a Reflected Cross-Site Scripting XSS attack. As a...