20 matches found
CVE-2025-42876 Missing Authorization Check in SAP S/4 HANA Private Cloud (Financials General Ledger)
Due to a Missing Authorization Check vulnerability in SAP S/4 HANA Private Cloud Financials General Ledger, an authenticated attacker with authorization limited to a single company code could read sensitive data and post or modify documents across all company codes. Successful exploitation could...
EUVD-2019-5478
Malware in sbrugna...
EUVD-2019-5480
Malware in sbrugna...
CVE-2025-55284
Claude Code prior to 1.0.4 contains an overly broad default allowlist of safe commands, enabling reading a local file and exfiltrating its contents over the network without user confirmation if untrusted content is injected into the Claude Code context window. The root cause is a permissive allow...
CVE-2019-14238
On STMicroelectronics STM32F7 devices, Proprietary Code Read Out Protection (PCROP), a software IP protection method, can be defeated with a debug probe via the Instruction Tightly Coupled Memory (ITCM) bus...
CVE-2019-14236
On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP), a software IP protection method, can be defeated by observing CPU registers and the effect of code/instruction execution...
CVE-2020-7081
A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitrary code read/write on the system running it...
Code injection
On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP), a software IP protection method, can be defeated by observing CPU registers and the effect of code/instruction execution...
CVE-2015-0113
CVE-2015-0113 affects IBM Jazz-based products (CLM, RTC, RRC, RDNG, RELM, RQM, Rhapsody DM, RSA DM, and related components) where the Jazz Help System permits remote attackers to read JSP source code by sending a crafted request. Affected versions include CLM 4.0–5.0.2, RQM 4.0–4.0.7 and 5.0–5.0....
PHP 5.4.3 (cli) code read vulnerability
Exploit for php platform in category web applications. Exploit Title: PHP 5.4.3 cli code read vulnerability. Date: 2012/13/06. Author: cheki. Software Link: http://php.net/downloads.php. Version: PHP 5.4.3 cli built: May 9 2012 15:06:10...
(CGIHTTPServer): CGI script source code disclosure
The iscgi method in CGIHTTPServer.py in the CGIHTTPServer module in Python 2.5, 2.6, and 3.0 allows remote attackers to read script source code via an HTTP GET request that lacks a / (slash) character at the beginning of the URI...
DEBIAN-CVE-2006-6104
The System.Web class in the XSP for ASP.NET server 1.1 through 2.0 in Mono does not properly verify local pathnames, which allows remote attackers to (1) read source code by appending a space (%20) to a URI, and (2) read credentials via a request for Web.Config%20...
CVE-2006-6569
form.php in GenesisTrader 1.0 allows remote attackers to read source code for arbitrary files and obtain sensitive information via the (1) do and (2) chem parameters with a "modfich" floap parameter...
CVE-2006-4549
CHXO Feedsplitter (
linux/x86 read(0,buf,2541); chmod(buf,4755); 23 bytes
Exploit for linux/x86 platform in category shellcode. linux/x86 read(0,buf,2541); chmod(buf,4755); 23 bytes. / readnchmod-core.c by Charles Stevenson Example of strace output if you pass in...
CVE-2000-1090
Microsoft IIS for Far East editions 4.0 and 5.0 are affected by CVE-2000-1090, where a malformed URL employing the lead-byte of a double-byte character allows remote attackers to read source code of parsed pages. The root cause is improper handling of lead-byte in double-byte character sequences ...
PT-1999-1008 · Microsoft · Iis
Name of the Vulnerable Software and Affected Versions: IIS versions 2.0 through 3.0. Description: The issue allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL. Recommendations: For IIS versions 2.0 through 3.0, consider restricting access to AS...