SAP NetWeaver AS Missing Authentication (December 2025)

The version of SAP NetWeaver Application Server detected on the remote host is affected by a missing authentication vulnerability as disclosed in the SAP Security Patch Day December 2025: - The SAP Internet Communication Framework does not conduct any authentication checks for features that need...

EUVD-2025-201852

The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the...

CVE-2025-42875 Missing Authentication check in SAP NetWeaver Internet Communication Framework

The SAP Internet Communication Framework does not conduct any authentication checks for features that need user identification allowing an attacker to reuse authorization tokens, violating secure authentication practices causing low impact on Confidentiality, Integrity and Availability of the...

CVE-2025-42875

CVE-2025-42875 relates to the SAP NetWeaver/Internet Communication Framework where authentication checks are missing for features needing user identification, enabling reuse of authorization tokens. The issue, described across multiple feeds, indicates a vulnerability in SAP’s web/EC framework th...

SAP Internet Communication Framework 访问控制错误漏洞

SAP Internet Communication Framework is an Internet communication architecture from SAP, Germany. An access control error vulnerability exists in SAP Internet Communication Framework, which stems from a lack of authentication checks that could lead to the reuse of authorization tokens...

EUVD-2021-27672

Malicious code in bioql PyPI...

EUVD-2023-23923

Malicious code in bioql PyPI...

EUVD-2023-23919

Malicious code in bioql PyPI...

EUVD-2022-44778

Malicious code in bioql PyPI...

EUVD-2023-38264

Malicious code in bioql PyPI...

EUVD-2025-19419

Malicious code in bioql PyPI...

EUVD-2022-43489

Malicious code in bioql PyPI...

CVE-2025-5310

Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated target communication framework TCF interface on a specific port. Files can be created, deleted, or modified, potentially leading to remote code execution...

CVE-2025-5310

Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated target communication framework TCF interface on a specific port. Files can be created, deleted, or modified, potentially leading to remote code execution...

CVE-2025-5310 Dover Fueling Solutions ProGauge MagLink LX Consoles Missing Authentication for Critical Function

Dover Fueling Solutions ProGauge MagLink LX Consoles expose an undocumented and unauthenticated target communication framework TCF interface on a specific port. Files can be created, deleted, or modified, potentially leading to remote code execution...

CVE-2023-34164

Vulnerability of incomplete input parameter verification in the communication framework module. Successful exploitation of this vulnerability may affect availability...

CVE-2023-1691

Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform abnormally...

CVE-2023-1695

Vulnerability of failures to capture exceptions in the communication framework. Successful exploitation of this vulnerability may cause features to perform abnormally...

CVE-2022-40187

Foresight GC3 Launch Monitor 1.3.15.68 ships with a Target Communication Framework TCF service enabled. This service listens on a TCP port on all interfaces and allows for process debugging, file system modification, and terminal access as the root user. In conjunction with a hosted wireless acce...

CVE-2022-41586

The communication framework module has a vulnerability of not truncating data properly.Successful exploitation of this vulnerability may affect data confidentiality...