Lucene search
K

14 matches found

Vulnrichment
Vulnrichment
added 2026/05/12 4:34 p.m.9 views

CVE-2026-20771

Null pointer dereference for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result...

6.9CVSS5.7AI score0.00101EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 12:8 a.m.3 views

CVE-2026-34257 Open Redirect vulnerability in SAP NetWeaver Application Server ABAP

Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the...

6.1CVSS5.8AI score0.00155EPSS
Exploits0References2
CVE
CVE
added 2026/03/31 5:52 p.m.8 views

CVE-2025-62184

CVE-2025-62184 affects Pega Platform versions 8.1.0 through 25.1.0 with a Stored Cross-site Scripting vulnerability in a UI component. Exploitation requires an administrative user with extensive rights; impact is limited to Confidentiality (LOW) and does not impact Integrity or Availability. The ...

4.8CVSS5.9AI score0.00258EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/31 5:52 p.m.1 views

CVE-2025-62184

Pega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality is low and Integrity is none...

4.8CVSS5.9AI score0.00258EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/31 12:0 a.m.13 views

PT-2026-29322

Pega Platform versions 8.1.0 through 25.1.0 are affected by a Stored Cross-site Scripting vulnerability in a user interface component. Requires an administrative user and given extensive access rights, impact to Confidentiality is low and Integrity is none...

4.8CVSS5.9AI score0.00258EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/10/06 1:8 p.m.10 views

CVE-2025-54088

CVE-2025-54088 is an open-redirect vulnerability in Secure Access prior to version 14.10. Attackers with access to the console can redirect victims to an arbitrary URL. The attack complexity is low, attack requirements are present, no privileges are required, and users must actively participate i...

5.5CVSS6.6AI score0.00172EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2025-32210

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00164EPSS
Exploits0References2
CVE
CVE
added 2025/10/02 7:56 p.m.15 views

CVE-2025-54086

CVE-2025-54086 affects Absolute Secure Access, Warehouse component, prior to version 14.10. The vulnerability is an excess-permissions issue enabling attackers with local file-system access to read the Java keystore file. Severity: CVSS 3.1 Base 3.3 (LOW) to CVSS 4.0 Base 5.3 (MEDIUM) depending o...

5.3CVSS5.9AI score0.00164EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/07/10 1:30 a.m.4 views

CVE-2025-42974

Due to missing authorization check, an attacker authenticated as a non-administrative user could call a remote-enabled function module. This could enable access to information normally restricted, resulting in low impact on confidentiality. There is no impact on integrity or availability...

4.3CVSS6.7AI score0.0023EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:46 a.m.6 views

CVE-2024-28164

SAP NetWeaver AS Java CAF - Guided Procedures allows an unauthenticated user to access non-sensitive information about the server which would otherwise be restricted causing low impact on confidentiality of the application...

5.3CVSS6.8AI score0.00326EPSS
Exploits0References1
NVD
NVD
added 2025/02/26 8:15 p.m.11 views

CVE-2025-1726

There is a SQL injection issue in Esri ArcGIS Monitor versions 2023.0 through 2024.x on Windows and Linux that allows a remote, authenticated attacker with low privileges to improperly read limited database schema information by passing crafted queries. While it is possible to enumerate some...

4.3CVSS0.00379EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/26 7:28 p.m.12 views

CVE-2025-1726 [#BUG-000172669 ArcGIS Monitor has a security vulnerability]

There is a SQL injection issue in Esri ArcGIS Monitor versions 2023.0 through 2024.x on Windows and Linux that allows a remote, authenticated attacker with low privileges to improperly read limited database schema information by passing crafted queries. While it is possible to enumerate some...

4.3CVSS0.00379EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/13 3:52 a.m.35 views

CVE-2024-41733 Information Disclosure Vulnerability in SAP Commerce

In SAP Commerce, valid user accounts can be identified during the customer registration and login processes. This allows a potential attacker to learn if a given e-mail is used for an account, but does not grant access to any customer data beyond this knowledge. The attacker must already know the...

5.3CVSS0.00312EPSS
Exploits0References2
NVD
NVD
added 2022/12/16 4:15 p.m.19 views

CVE-2022-42351

Adobe Experience Manager version 6.5.14 and earlier is affected by an Incorrect Authorization vulnerability that could result in a security feature bypass. A low-privileged attacker could leverage this vulnerability to disclose low level confidentiality information. Exploitation of this issue doe...

4.3CVSS0.00922EPSS
Exploits0References1
Rows per page
Query Builder