Lucene search
K

3170 matches found

EUVD
EUVD
added 1 hour ago4 views

EUVD-2026-44664

Permission control vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

7.8CVSS6.1AI score
Exploits0References3
Cvelist
Cvelist
added 4 hours ago8 views

CVE-2026-58558

Permission control vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

7.8CVSS
Exploits0References2
CVE
CVE
added 5 hours ago4 views

CVE-2026-58553

CVE-2026-58553 is described as an out-of-bounds read in the image codec module with potential impact to service confidentiality. Metrics show CVSSv3.1: Local attack vector, Low attack complexity, No privileges required, No user interaction, Confidentiality impact None, Integrity impact None, Avai...

4CVSS6.1AI score
Exploits0References4
Cvelist
Cvelist
added 5 hours ago4 views

CVE-2026-58552

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

5.1CVSS
Exploits0References4
CVE
CVE
added 5 hours ago4 views

CVE-2026-58552

CVE-2026-58552 describes an out-of-bounds read in the image codec module. The CVSS v3.1 base score is 5.1 (MEDIUM); attack vector: LOCAL , no privileges required, no user interaction. Impacts: confidentiality and availability may be affected; integrity: NONE . The connected documents provide no c...

5.1CVSS6.1AI score
Exploits0References4
Cvelist
Cvelist
added 5 hours ago4 views

CVE-2026-58551

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

5.1CVSS
Exploits0References4
Cvelist
Cvelist
added 5 hours ago5 views

CVE-2026-58550

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

4CVSS
Exploits0References4
Cvelist
Cvelist
added 5 hours ago4 views

CVE-2026-58549

Out-of-bounds read vulnerability in the image codec module. Impact: Successful exploitation of this vulnerability may affect service confidentiality...

4CVSS
Exploits0References4
Nuclei
Nuclei
added 12 hours ago37 views

Leantime < 2.4 - Authenticated SQL Injection

Leantime is an open source project management system. A 'userId' variable in app/domain/files/repositories/class.files.php is not parameterized. An authenticated attacker can send a carefully crafted POST request to /api/jsonrpc to exploit an SQL injection vulnerability. Confidentiality is impact...

6.5CVSS6.6AI score0.01872EPSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-44761

SAP Commerce Cloud could retain a sample OAuth2 client with publicly documented sample credentials originating from sample configuration provided in SAP Help Portal documentation. If left unchanged, an unauthenticated attacker could use these well-known credentials to obtain a valid access token...

9.1CVSS0.00352EPSS
Exploits0References2
NVD
NVD
added yesterday8 views

CVE-2026-44770

SAP Create Single Payment does not perform necessary authorization checks for an authenticated user, a restricted user could access specific entity set keys resulting in disclosure of information. This has low impact on confidentiality, with no impact on integrity and availability of the...

4.3CVSS0.00168EPSS
Exploits0References2
NVD
NVD
added yesterday6 views

CVE-2026-44753

SAP HANA Database user self service tools allows an unauthenticated user to send specially crafted requests that produce distinguishable responses, enabling enumeration of valid user accounts and email addresses. Successful exploitation could allow the attacker to enumerate valid user accounts,...

3.7CVSS0.0022EPSS
Exploits0References2
NVD
NVD
added yesterday4 views

CVE-2026-0487

SAProuter on Microsoft Windows allows an unauthenticated attacker to load library DLL files from an untrusted location, allowing them to execute malicious code on the system. This could enable the attacker to hijack the DLL loading process and achieve arbitrary code execution. This has high impac...

8.4CVSS0.00148EPSS
Exploits0References2
EUVD
EUVD
added yesterday7 views

EUVD-2026-43595

SAP S/4HANA Draft operation does not perform necessary authorization checks for an authenticated user, a restricted user could access information within the entity resulting in escalation of privileges. This results in low impact on confidentiality, with no impact on integrity and availability of...

4.3CVSS6.1AI score0.00172EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday23 views

CVE-2026-44771 Missing Authorization check in SAP S/4HANA (Draft operation)

SAP S/4HANA Draft operation does not perform necessary authorization checks for an authenticated user, a restricted user could access information within the entity resulting in escalation of privileges. This results in low impact on confidentiality, with no impact on integrity and availability of...

4.3CVSS0.00172EPSS
Exploits0References2
EUVD
EUVD
added yesterday7 views

EUVD-2026-43594

SAP Create Single Payment does not perform necessary authorization checks for an authenticated user, a restricted user could access specific entity set keys resulting in disclosure of information. This has low impact on confidentiality, with no impact on integrity and availability of the...

4.3CVSS6.1AI score0.00168EPSS
Exploits0References2
Cvelist
Cvelist
added yesterday23 views

CVE-2026-44770 Missing Authorization check in SAP S/4 HANA (Create Single Payment)

SAP Create Single Payment does not perform necessary authorization checks for an authenticated user, a restricted user could access specific entity set keys resulting in disclosure of information. This has low impact on confidentiality, with no impact on integrity and availability of the...

4.3CVSS0.00168EPSS
Exploits0References2
EUVD
EUVD
added yesterday5 views

EUVD-2026-43593

SAP S/4HANA application Project Management PPM-PRO allows an attacker with high privileges to execute crafted database queries, exposing the backend database. This results in low impact on confidentiality, with no impact on integrity and availability of the application...

5.5CVSS6.2AI score0.00197EPSS
Exploits0References2
CVE
CVE
added yesterday12 views

CVE-2026-44769

CVE-2026-44769 affects SAP S/4HANA Project Management (PPM-PRO). The connected documents describe a vulnerability where an attacker with high privileges can induce crafted database queries, resulting in exposure of the backend database. The impact is specified as low for confidentiality (C:H) wit...

5.5CVSS6.2AI score0.00197EPSS
Exploits0References2
EUVD
EUVD
added yesterday6 views

EUVD-2026-43588

SAP HANA Database user self service tools allows an unauthenticated user to send specially crafted requests that produce distinguishable responses, enabling enumeration of valid user accounts and email addresses. Successful exploitation could allow the attacker to enumerate valid user accounts,...

3.7CVSS6.1AI score0.0022EPSS
Exploits0References2
Rows per page
Query Builder