Lucene search
K

37 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:0 a.m.3 views

CVE-2023-50423

SAP BTP Security Services Integration Library Python sap-xssec - versions 4.1.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application...

9.8CVSS7.3AI score0.01109EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-24793

Malicious code in bioql PyPI...

7.3CVSS6.5AI score0.00253EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.5 views

CVE-2025-52800

Missing Authorization vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP profitori allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects The E-Commerce ERP: from n/a through = 2.1.1.3...

7.3CVSS5.9AI score0.00253EPSS
Exploits0References1
NVD
NVD
added 2025/08/14 11:15 a.m.4 views

CVE-2025-52800

Missing Authorization vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP profitori allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects The E-Commerce ERP: from n/a through = 2.1.1.3...

7.3CVSS0.00253EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/14 10:33 a.m.2 views

CVE-2025-52800 WordPress The E-Commerce ERP <= 2.1.1.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects The E-Commerce ERP: from n/a through 2.1.1.3...

7.3CVSS7.1AI score0.00253EPSS
Exploits0References1
CVE
CVE
added 2025/08/14 10:33 a.m.13 views

CVE-2025-52800

CVE-2025-52800: The E-Commerce ERP WordPress plugin (Unity Business Technology Pty) has a Missing Authorization flaw in ACLs for versions n/a through 2.1.1.3. Exploitation details are not provided in the documents, but remediation is to update The E-Commerce ERP to a version later than 2.1.1.3.

7.3CVSS5.9AI score0.00253EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/07/18 11:54 a.m.14 views

CVE-2025-52836

Incorrect Privilege Assignment vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP profitori allows Privilege Escalation.This issue affects The E-Commerce ERP: from n/a through = 2.1.1.3...

9.8CVSS5.9AI score0.00421EPSS
Exploits0References1
NVD
NVD
added 2025/07/16 12:15 p.m.8 views

CVE-2025-52836

Incorrect Privilege Assignment vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP profitori allows Privilege Escalation.This issue affects The E-Commerce ERP: from n/a through = 2.1.1.3...

9.8CVSS0.00421EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/07/16 11:27 a.m.5 views

CVE-2025-52836 WordPress The E-Commerce ERP <= 2.1.1.3 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP allows Privilege Escalation. This issue affects The E-Commerce ERP: from n/a through 2.1.1.3...

9.8CVSS6.5AI score0.00421EPSS
Exploits0References1
CVE
CVE
added 2025/07/16 11:27 a.m.18 views

CVE-2025-52836

CVE-2025-52836 is an active privilege-escalation vulnerability in WordPress The E-Commerce ERP by Unity Business Technology Pty Ltd. Affected versions are listed as n/a through 2.1.1.3. The issue enables privilege escalation (CVSSv3.1 base score 9.8, critical). Public details in connected sources...

9.8CVSS5.9AI score0.00421EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/16 12:0 a.m.6 views

PT-2025-29819 · Unity Business Technology Pty · The E-Commerce Erp

Name of the Vulnerable Software and Affected Versions: The E-Commerce ERP versions n/a through 2.1.1.3 Description: An incorrect privilege assignment issue exists in Unity Business Technology Pty Ltd The E-Commerce ERP, allowing privilege escalation. Recommendations: Update The E-Commerce ERP to ...

9.8CVSS6.3AI score0.00421EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/12/21 12:0 a.m.8 views

The vulnerability of the authentication library in applications that use the SAP Identity Services (IAS) cloud-security-client-go development, integration, and extension platform for applications in the SAP Business Technology Platform (BTP) environment arises from insecure management of privileges. This allows attackers to escalate their privileges.

The vulnerability of the authentication library in applications that use the SAP Identity Authentication Service IAS on the SAP Business Technology Platform BTP for application development, integration, and expansion involves insecure management of privileges. Exploiting this vulnerability could...

9.4CVSS7.7AI score0.01127EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2023/12/12 2:15 a.m.5 views

CVE-2023-49583

SAP BTP Security Services Integration Library Node.js @sap/xssec - versions 3.6.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application...

9.8CVSS7.4AI score0.01085EPSS
Exploits0References7Affected Software1
Vulnrichment
Vulnrichment
added 2023/12/12 1:22 a.m.2 views

CVE-2023-49583 Escalation of Privileges in SAP BTP Security Services Integration Library ([Node.js] @sap/xssec)

SAP BTP Security Services Integration Library Node.js @sap/xssec - versions 3.6.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attacker can obtain arbitrary permissions within the application...

9.1CVSS8.9AI score0.01085EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2023/12/11 12:0 a.m.9 views

PT-2023-7891 · Sap · Sap Btp Security Services Integration Library +1

Name of the Vulnerable Software and Affected Versions: SAP BTP Security Services Integration Library Python sap-xssec versions = 4.1.0 It is recommended to upgrade to the latest released version to ensure the issue is fully resolved. No workarounds are available for this issue...

9.8CVSS7.5AI score0.01109EPSS
Exploits0References17
HackRead
HackRead
added 2023/08/25 12:5 p.m.22 views

Beyond Cold Calls: Ringless Voicemail As A Personalized Customer Engagement Tool

By Owais Sultan Ringless voicemail RVM is a technology that allows businesses to deliver pre-recorded messages directly to a customer's voicemail inbox without their phone ringing. This is a post from HackRead.com Read the original post: Beyond Cold Calls: Ringless Voicemail As A Personalized...

6.9AI score
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 4:49 a.m.3 views

SUSE CVE-2017-5689

An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology AMT and Intel Standard Manageability ISM. An unprivileged local attacker could provision manageability features gaining unprivileged network or local system...

10CVSS9.3AI score0.92189EPSS
Exploits7References2
CISA KEV Catalog
CISA KEV Catalog
added 2022/01/28 12:0 a.m.19 views

Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability

Intel products contain a vulnerability which can allow attackers to perform privilege escalation...

10CVSS6AI score0.92189EPSS
In wildExploits7
Github Security Blog
Github Security Blog
added 2021/11/10 4:51 p.m.31 views

Unauthorized access to data in @sap-cloud-sdk/core

Impact This affects applications on SAP Business Technology Platform that use the SAP Cloud SDK and enabled caching of destinations. In some cases, when user information was missing, destinations were cached without user information, allowing other users to retrieve the same destination with its...

5.9CVSS0.6AI score0.01657EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2021/11/05 11:15 p.m.22 views

CVE-2021-41251

@sap-cloud-sdk/core contains the core functionality of the SAP Cloud SDK as well as the SAP Business Technology Platform abstractions. This affects applications on SAP Business Technology Platform that use the SAP Cloud SDK and enabled caching of destinations. In affected versions and in some...

5.9CVSS0.01657EPSS
Exploits1References3
Rows per page
Query Builder