Plugin Alliance Aquarius Desktop 安全漏洞

Plugin Alliance Aquarius Desktop is an audio plugin management software from Plugin Alliance, Inc. A security vulnerability exists in Plugin Alliance Aquarius Desktop version 3.0.069, which stems from the Supported Data Archiving feature not properly handling symbolic links, which could lead to...

EUVD-2015-8706

Malware in sbrugna...

EUVD-2022-32166

Malicious code in bioql PyPI...

ROS-20250829-06

Vault Enterprise and Vault Community Edition enterprise data archiving platforms have a vulnerability due to incorrect privilege assignment. Edition is related to incorrect privilege assignment. Exploitation of the vulnerability could allow an attacker acting remotely to escalate privileges to ro...

CVE-2025-42966

SAP NetWeaver XML Data Archiving Service allows an authenticated attacker with administrative privileges to exploit an insecure Java deserialization vulnerability by sending a specially crafted serialized Java object. This could lead to high impact on confidentiality, integrity, and availability ...

CVE-2025-42966

CVE-2025-42966 affects SAP NetWeaver XML Data Archiving Service. The vulnerability is an insecure Java deserialization flaw exploitable by an authenticated attacker with administrative privileges via a crafted serialized Java object. This can impact confidentiality, integrity, and availability of...

ROS-20250630-02

The vulnerability of HashiCorp Vault and Vault Enterprise enterprise data archiving platforms is related to the fact that the validprincipals and defaultuser fields of the SSH secrets mechanism configuration are not are not set. Exploitation of the vulnerability could allow an attacker acting...

CVE-2022-27669

An unauthenticated user can use functions of XML Data Archiving Service of SAP NetWeaver Application Server for Java - version 7.50, to which access should be restricted. This may result in an escalation of privileges...

ROS-20241028-01

Vulnerability in HashiCorp Vault and Vault Enterprise enterprise data archiving platforms is related to user enumeration when using the LDAP authentication method. Exploitation The vulnerability could allow an attacker acting remotely to impact the integrity of the systems...

ROS-20240902-14

Vulnerability of HashiCorp Vault and Vault Enterprise enterprise data archiving platforms is related to incorrect processing of requests coming from unauthorized IP addresses. Exploitation of the vulnerability could allow a remote attacker to cause a denial of service...

CVE-2022-27669

An unauthenticated user can use functions of XML Data Archiving Service of SAP NetWeaver Application Server for Java - version 7.50, to which access should be restricted. This may result in an escalation of privileges...

CVE-2022-27669

An unauthenticated user can use functions of XML Data Archiving Service of SAP NetWeaver Application Server for Java - version 7.50, to which access should be restricted. This may result in an escalation of privileges...

CVE-2022-27669

An unauthenticated user can use functions of XML Data Archiving Service of SAP NetWeaver Application Server for Java - version 7.50, to which access should be restricted. This may result in an escalation of privileges...

Design/Logic Flaw

An unauthenticated user can use functions of XML Data Archiving Service of SAP NetWeaver Application Server for Java - version 7.50, to which access should be restricted. This may result in an escalation of privileges...

CVE-2022-27669

An unauthenticated user can use functions of XML Data Archiving Service of SAP NetWeaver Application Server for Java - version 7.50, to which access should be restricted. This may result in an escalation of privileges...

CVE-2022-27669

CVE-2022-27669 concerns SAP NetWeaver Application Server for Java 7.50, where an unauthenticated user can abuse the XML Data Archiving Service due to a lack of authentication checks, potentially causing privilege escalation. Multiple connected sources (Red Hat, CNVD, CVE listing, and NCSC overvie...

SAP NetWeaver Application Server 安全漏洞

SAP NetWeaver Application Server is an application server from SAP Germany. SAP NetWeaver Application Server elevation of privilege vulnerability, which stems from a lack of authentication checks in the XML data archiving service, can be exploited by an attacker to cause an elevation of privilege...

SAP NetWeaver Portal Cross-Site Scripting Vulnerability

SAP NetWeaver is a service-oriented, integrated application platform from SAP that provides a development and runtime environment for SAP applications.SAP NetWeaver Portal is a portal solution that provides single sign-on information for authentication via a Web browser. A cross-site scripting...

CVE-2017-11460

Cross-site scripting XSS vulnerability in the DataArchivingService servlet in SAP NetWeaver Portal 7.4 allows remote attackers to inject arbitrary web script or HTML via the responsecode parameter to shp/shpresult.jsp, aka SAP Security Note 2308535...

CVE-2015-8840

The XML Data Archiving Service XML DAS in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to 1 webcontent/cas/casenter.jsp, 2...