Lucene search
K

5 matches found

Positive Technologies
Positive Technologies
added 2026/06/23 12:0 a.m.9 views

PT-2026-51642

Name of the Vulnerable Software and Affected Versions Snipe-IT affected versions not specified Description An authorization bypass exists in the BulkAssetsController::update function. The system accepts the company id variable directly from user input without utilizing the standard company-scopin...

6.3CVSS5.9AI score
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/10 12:18 a.m.2 views

CVE-2026-27687

Due to missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal, a user with high privileges could access sensitive data belonging to another company. This vulnerability has a high impact on confidentiality and does not affect integrity and availability...

5.8CVSS5.8AI score0.00262EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2025/12/09 12:0 a.m.4 views

SAP S/4 HANA 安全漏洞

SAP S/4 HANA is an intelligent, integrated ERP software for large enterprises from SAP, a German company. A security vulnerability exists in SAP S/4 HANA Private Cloud that stems from a lack of authorization checks and could lead to cross-company code reading sensitive data and modifying document...

7.1CVSS6.6AI score0.00265EPSS
Exploits0References2
OSV
OSV
added 2022/01/18 8:15 p.m.1 views

CVE-2021-44838

An issue was discovered in Delta RM 1.2. Using the /risque/risque/ajax-details endpoint, with a POST request indicating the risk to access with the id parameter, it is possible for users to access risks of other companies...

4.3CVSS5.8AI score
Exploits0References2
Microsoft Secure
Microsoft Secure
added 2019/08/07 11:50 p.m.129 views

A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response

Earlier this year, I reached out to Check Point researcher Eyal Itkin, who had published multiple flaws in several Remote Desktop Protocol RDP clients, including a vulnerability in mstsc.exe, the built-in RDP client application in Windows. While there were no active exploits detected in the wild,...

8.5CVSS8.4AI score0.70966EPSS
Exploits0
Rows per page
Query Builder