42 matches found
EUVD-2026-35284
SAP MDG Review Match Groups Application does not perform the necessary authorization checks for authenticated users. This could allow a low-privileged user to perform actions that would otherwise be restricted, resulting in escalation of privileges. This has a low impact on integrity, while...
CVE-2024-21950
An out-of-bounds read in the remote management firmware could allow a privileged attacker to read a limited section of memory outside of established bounds, potentially resulting in loss of confidentiality or availability...
CVE-2025-48513
Use of an uninitialized resource within the AMD Platform Management Framework (PMF) could allow an attacker to read uninitialized kernel memory, resulting in loss of confidentiality or availability...
CVE-2025-62627
An untrusted pointer dereference in the ionic cloud driver for VMware ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availability...
CVE-2026-40131
SQL injection vulnerability exists in @sap/hdi-deploy package, where SQL queries are dynamically constructed using user input without proper parameterization or prepared statements. Successful exploitation could allow the high privileged users to alter the SELECT statements impacting...
CVE-2023-20548
A time-of-check time-of-use (TOCTOU) race condition in the AMD Secure Processor (ASP) could allow an attacker to corrupt memory, resulting in loss of integrity, confidentiality, or availability...
CVE-2023-20548
CVE-2023-20548 describes a TOCTOU race in the AMD Secure Processor (ASP) that could lead to memory corruption with impacts to integrity, confidentiality, and availability. Affected component is ASP; the underlying issue is a race condition between checks and usage that attackers could potentially...
PT-2026-2351
Name of the Vulnerable Software and Affected Versions: versions prior to 2025-41717 Description: An unauthenticated remote attacker can trick a high privileged user into uploading a malicious payload via the config-upload endpoint, leading to code injection as root. This results in a total loss of...
EUVD-2021-26348
Malware in sbrugna...
EUVD-2014-6395
Malware in sbrugna...
EUVD-2013-3752
Malware in sbrugna...
EUVD-2013-3719
Malware in sbrugna...
EUVD-2013-0458
Malware in sbrugna...
EUVD-2018-5737
Malware in sbrugna...
EUVD-2021-33541
Malicious code in bioql PyPI...
PT-2025-29918 · Wegia · Wegia
Name of the Vulnerable Software and Affected Versions: WeGIA versions prior to 3.4.6 Description: WeGIA is an open source web manager. A SQL Injection vulnerability exists in versions prior to 3.4.6. This vulnerability allows attackers to execute arbitrary SQL commands via the...
CVE-2025-0067
Due to a missing authorization check on service endpoints in the SAP NetWeaver Application Server Java, an attacker with standard user role can create JCo connection entries, which are used for remote function calls from or to the application server. This could lead to low impact on...
CVE-2022-48349
The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability...
CVE-2019-10928
A vulnerability has been identified in SCALANCE SC-600 V2.0. An authenticated attacker with access to port 22/tcp as well as physical access to an affected device may trigger the device to allow execution of arbitrary commands. The security vulnerability could be exploited by an authenticated...
CVE-2019-2424
Vulnerability in the Oracle Retail Convenience Store Back Office component of Oracle Retail Applications (subcomponent: Level 3 Maintenance Functions). The supported version that is affected is 3.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to...