CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

355 matches found

ATTACKERKB•added 2026/06/09 12:21 a.m.•6 views

CVE-2026-44754

The Remote Function Call RFC modules of the Operational Data Provisioning Data Replication API ODP-RFC are missing caller identification of permitted SAP-internal applications and are being used by customer or third-party applications in ways that are not aligned with its intended usage. Which...

6.6CVSS5.5AI score0.00219EPSS

Exploits0References3Affected Software1

CVE•added 2026/06/09 12:21 a.m.•39 views

CVE-2026-44754

The CVE-2026-44754 issue affects SAP’s Operational Data Provisioning (ODP) RFC APIs, where RFC modules fail to perform caller identification for allowed SAP-internal applications. This allows customer/third-party applications to use ODP-RFC functionality in ways not aligned with its intended usag...

6.6CVSS5.5AI score0.00219EPSS

Exploits0References2

CVE•added 2026/06/09 12:20 a.m.•102 views

CVE-2026-27671

Technical details about CVE-2026-27671 are not publicly available in the provided documents. Monitor for updates from SAP/security advisories.

9.8CVSS5.5AI score0.00437EPSS

Exploits0References2

ATTACKERKB•added 2026/06/09 12:20 a.m.•7 views

CVE-2026-27671

Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP Platform, an unauthenticated attacker can send a crafted RFC request that exploits logical errors in memory management, leading to memory corruption. This could lead to a high...

9.8CVSS5.5AI score0.00437EPSS

Exploits0References3Affected Software1

EUVD•added 2026/06/09 12:20 a.m.•9 views

EUVD-2026-35278

9.8CVSS5.5AI score0.00437EPSS

Exploits0References2

GithubExploit•added 2026/05/30 1:57 p.m.•109 views

Exploit for CVE-2026-7465

CVE-2026-7465 - Spectra Gutenberg Blocks isregistered $block...

8.8CVSS5.8AI score0.01174EPSS

Exploits3

Snyk•added 2026/05/14 3:23 p.m.•11 views

Use of Inherently Dangerous Function

Overview Affected versions of this package are vulnerable to Use of Inherently Dangerous Function via the PQfn function when called with resultisint=0 in the loexport, loread, lolseek64, and lotell64 functions. An attacker can overwrite client stack memory with arbitrary data by sending a special...

8.8CVSS5.9AI score0.00284EPSS

Exploits0References2

CNNVD•added 2026/05/06 12:0 a.m.•6 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the srcugpstartifneeded function in tiny SRCU directly calling schedulework. This could lead to...

5.5CVSS5.8AI score0.001EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•9 views

Astra Linux - уязвимость в linux-5.15

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in checkfunccall kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...

5.5CVSS6.7AI score0.00157EPSS

Exploits0References1

Packet Storm News•added 2026/04/29 12:0 a.m.•11 views

Static Attribution of Android Residential Proxy Malware Using Graph Kernels

Android residential proxy applications represent a growing class of potentially-unwanted programs PUPs that covertly route third-party traffic through end-user devices, enabling ad fraud, credential abuse, and evasion of geolocation controls by sophisticated threat actors. Attributing an unknown...

5.8AI score

Exploits0

NVD•added 2026/04/14 12:16 a.m.•5 views

CVE-2026-27675

SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to this, some information could be modified, but the attacker does not have control over kind or...

2CVSS0.00168EPSS

Exploits0References2

Tenable Nessus•added 2026/04/08 12:0 a.m.•1 views

Juniper Junos OS Vulnerability (JSA107870)

The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA107870 advisory. - A Function Call With Incorrect Argument Type vulnerability in the sensor interface of Juniper Networks Junos OS Evolved on PTX Series allows a network-based, authenticate...

7.1CVSS5.9AI score0.0024EPSS

Exploits0References2

Snyk•added 2026/04/07 5:10 p.m.•4 views

Incorrect Comparison

Overview Affected versions of this package are vulnerable to Incorrect Comparison in the FunctionCall.Decode function. An attacker can cause a crash on 64-bit machine by sending a null argument in a FunctionCall response from PostgreSQL server since the intermediate int32 cast is absent in Decode...

9.8CVSS5.9AI score0.00378EPSS

Exploits0References3

RedhatCVE•added 2026/04/03 4:59 p.m.•2 views

CVE-2026-35002

Agno versions prior to 2.3.24 contain an arbitrary code execution vulnerability in the model execution component that allows attackers to execute arbitrary Python code by manipulating the fieldtype parameter passed to eval. Attackers can influence the fieldtype value in a FunctionCall to achieve...

9.8CVSS6.7AI score0.00852EPSS

Exploits0References1

Positive Technologies•added 2026/04/03 12:0 a.m.•2 views

PT-2026-30272

Name of the Vulnerable Software and Affected Versions SandboxJS versions prior to 0.8.35 Description SandboxJS has a flaw where direct assignment to global objects is blocked, but this protection can be bypassed through a callable constructor path using this.constructor.calltarget, attackerObject...

10CVSS6.2AI score0.00561EPSS

Exploits1References13