CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/01/09 9:20 a.m.•3 views

CVE-2021-33694

SAP Cloud Connector, version - 2.0, does not sufficiently encode user-controlled inputs, allowing an attacker with Administrator rights, to include malicious codes that get stored in the database, and when accessed, could be executed in the application, resulting in Stored Cross-Site Scripting...

5.9CVSS6.3AI score0.00156EPSS

RedhatCVE•added 2026/01/09 9:20 a.m.•5 views

CVE-2021-33692

SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked to inject special elements such as '..' and '/' separators, for attackers to escape outside of the restricted location to access files or directories...

7.5CVSS7AI score0.0035EPSS

7.5CVSS7.6AI score0.00324EPSS

EUVD-2021-10043

Malware in sbrugna...

7.5CVSS5.9AI score0.0035EPSS

EUVD-2021-20369

Malware in sbrugna...

7.7CVSS6.2AI score0.00127EPSS

EUVD-2021-20370

Malware in sbrugna...

5.9CVSS5.9AI score0.00156EPSS

EUVD-2021-20371

Malware in sbrugna...

EUVD•added 2025/10/07 12:30 a.m.•19 views

EUVD-2019-1019

Malware in sbrugna...

9.8CVSS9.5AI score0.03169EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-1020

Malware in sbrugna...

9.8CVSS9.5AI score0.00569EPSS

8.8CVSS7.6AI score0.00231EPSS

EUVD-2018-14264

Malware in sbrugna...

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-20372

Malware in sbrugna...

9.1CVSS7AI score0.0011EPSS

4.2CVSS6.6AI score0.00159EPSS

EUVD-2024-31908

Malicious code in bioql PyPI...

3.5CVSS4.7AI score0.00047EPSS

EUVD-2023-53531

Malicious code in bioql PyPI...

3.5CVSS6.5AI score0.00031EPSS

EUVD-2025-24204

Malicious code in bioql PyPI...

7.4CVSS7.4AI score0.00434EPSS

EUVD-2024-22958

Malicious code in bioql PyPI...

Exploits1References4

NCSC•added 2025/09/05 11:12 a.m.•6 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several products, including in SAP NetWeaver Application Server ABAP, SAP S/4HANA, SAP Landscape Transformation and AP Cloud Connector. The vulnerabilities include circumvention of authorization controls, Cross-Site Scripting XSS and a Directory Traversal...

9.9CVSS7AI score0.00236EPSS

RedhatCVE•added 2025/08/14 2:24 a.m.•7 views

CVE-2025-42955

Due to a missing authorization check in SAP Cloud Connector, an attacker on an adjacent network with low privileges could send a crafted request to the endpoint responsible for testing LDAP connections. A successful exploit could lead to reduced performance, hence a low-impact on availability of...

3.5CVSS7.1AI score0.00031EPSS

NVD•added 2025/08/12 3:15 a.m.•2 views

CVE-2025-42955

3.5CVSS0.00031EPSS

CVE•added 2025/08/12 2:9 a.m.•13 views

CVE-2025-42955

CVE-2025-42955 involves a missing authorization check in SAP Cloud Connector. An attacker on an adjacent network with low privileges can send a crafted request to the LDAP testing endpoint, potentially causing degraded service availability (low impact). Confidentiality and integrity are not affec...

3.5CVSS7AI score0.00031EPSS

Vulnrichment•added 2025/08/12 2:9 a.m.•1 views

CVE-2025-42955 Missing authorization check in SAP Cloud Connector

3.5CVSS7AI score0.00031EPSS