Lucene search
+L

9 matches found

NVD
NVD
added 3 days ago6 views

CVE-2026-46421

The SAP Cloud Application Programming Model is a tool for building enterprise-grade cloud applications, and cap-js/cds-dbs is the monorepo for SQL database services for that tool. On April 29, 2026, compromised versions of @cap-js/[email protected], @cap-js/[email protected], and @cap-js/[email protected]....

9.3CVSS0.00384EPSS
Exploits0References4
CVE
CVE
added 3 days ago19 views

CVE-2026-46421

The CVE concerns a supply-chain compromise in the SAP Cloud Application Programming Model’s cap-js/cds-dbs monorepo. On 2026-04-29, compromised versions of @cap-js/[email protected], @cap-js/[email protected], and @cap-js/[email protected] were published; these malicious packages harvested credentials (n...

9.3CVSS6.1AI score0.00384EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 6:48 p.m.9 views

CVE-2024-47091

Privilege escalation in the mkmysql agent plugin on Windows in Checkmk 2.4.0p29, 2.3.0p47, and 2.2.0 EOL allows a local unprivileged user able to create a Windows service whose name matches 'MySQL' or 'MariaDB' or with write access to a binary referenced by such a service to execute arbitrary cod...

7.8CVSS6AI score0.00119EPSS
Exploits0References1
Github Security Blog
Github Security Blog
added 2026/05/20 3:33 p.m.22 views

Supply chain compromise via malicious package versions (@cap-js/sqlite, @cap-js/postgres, @cap-js/db-service)

Impact On April 29, 2026, compromised versions of @cap-js/[email protected], @cap-js/[email protected], and @cap-js/[email protected] were published. The malicious packages harvested credentials and attempted self-propagation. If a compromised version was installed, all credentials accessible on that...

9.3CVSS5.8AI score0.00384EPSS
Exploits0References5Affected Software3
OSV
OSV
added 2026/05/20 3:33 p.m.9 views

GHSA-PVW4-CVR4-97P8 Supply chain compromise via malicious package versions (@cap-js/sqlite, @cap-js/postgres, @cap-js/db-service)

Impact On April 29, 2026, compromised versions of @cap-js/[email protected], @cap-js/[email protected], and @cap-js/[email protected] were published. The malicious packages harvested credentials and attempted self-propagation. If a compromised version was installed, all credentials accessible on that...

9.3CVSS5.8AI score0.00384EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/20 12:0 a.m.12 views

PT-2026-42206

Name of the Vulnerable Software and Affected Versions @cap-js/sqlite version 2.2.2 @cap-js/postgres version 2.2.2 @cap-js/db-service version 2.10.1 Description Compromised versions of these packages were published to harvest credentials and attempt self-propagation. If installed, any credentials...

9.3CVSS6.1AI score0.00384EPSS
Exploits0References10
vulnersOsv
vulnersOsv
added 2019/03/14 3:40 p.m.6 views

com.ge.research.semtk:arangoDbService (=2.2.2), com.ge.research.semtk:athenaService (=2.2.2) +74 more potentially affected by CVE-2016-3083 via org.apache.hive:hive-service (>=0.8.0 <=1.2.1)

org.apache.hive:hive-service MAVEN version =0.8.0, =2.2.1, =2.2.1, =2.2.1, =2.2.2 - com.ge.research.semtk:sparqlGraphResultsService =2.2.2 and more Source cves: CVE-2016-3083 Source advisory: OSV:GHSA-GF2V-9HP6-44QG...

7.5CVSS7.2AI score0.01006EPSS
Exploits0
Prion
Prion
added 2015/11/12 3:59 a.m.16 views

Design/Logic Flaw

The DB service in IBM System Networking Switch Center SNSC before 7.3.1.5 and Lenovo Switch Center before 8.1.2.0 allows remote attackers to obtain sensitive administrator-account information via a request on port 40999, as demonstrated by an improperly encrypted password...

5CVSS6.5AI score0.01318EPSS
Exploits0References2Affected Software2
Zero Day Initiative
Zero Day Initiative
added 2015/11/10 12:0 a.m.29 views

IBM System Networking Switch Center DB Service Remote Elevation of Privilege Vulnerability

This vulnerability allows remote attackers to disclose information on vulnerable installations of IBM System Networking Switch Center. Authentication is not required to exploit this vulnerability. The specific flaw exists within the IBM SNSC DB Service, that listens by default on port 40999. This...

7.1CVSS6.1AI score0.01318EPSS
Exploits0References1
Rows per page
Query Builder