20 matches found
EUVD-2026-8719
ServiceNow has addressed a remote code execution vulnerability that was identified in the ServiceNow AI platform. This vulnerability could enable an unauthenticated user, in certain circumstances, to execute code within the ServiceNow Sandbox. ServiceNow addressed this vulnerability by deploying...
PT-2026-22008
Name of the Vulnerable Software and Affected Versions ServiceNow affected versions not specified Description A remote code execution issue exists within the ServiceNow AI platform. An unauthenticated user, under specific conditions, could potentially execute code within the ServiceNow Sandbox...
CVE-2025-11450
ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could result in arbitrary code being executed within the browsers of ServiceNow users who click on a specially crafted link. ServiceNow has addressed this...
CVE-2025-11449
ServiceNow has addressed a reflected cross-site scripting vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could result in arbitrary code being executed within the browsers of ServiceNow users who click on a specially crafted link. ServiceNow has addressed this...
CVE-2025-11449
The CVE-2025-11449 entry describes a reflected cross-site scripting vulnerability in the ServiceNow AI Platform. The flaw could allow arbitrary code execution in a user’s browser when a person clicks a specially crafted link. Documentation consistently states that ServiceNow has deployed security...
CVE-2025-11450
CVE-2025-11450 describes a reflected cross-site scripting vulnerability in the ServiceNow AI Platform. The issue could allow arbitrary code execution in the browser of a ServiceNow user who clicks a crafted link. ServiceNow has deployed security updates to the majority of hosted instances and pro...
EUVD-2025-6208
Malicious code in bioql PyPI...
EUVD-2025-24446
Malicious code in bioql PyPI...
CVE-2025-3089
ServiceNow has addressed a Broken Access Control vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform a limited set of actions typically reserved for higher privileged users, potentially leading...
CVE-2025-3089
ServiceNow has addressed a Broken Access Control vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform a limited set of actions typically reserved for higher privileged users, potentially leading...
CVE-2025-3089 Broken Access Control in ServiceNow AI Platform
ServiceNow has addressed a Broken Access Control vulnerability that was identified in the ServiceNow AI Platform. This vulnerability could allow a low privileged user to bypass access controls and perform a limited set of actions typically reserved for higher privileged users, potentially leading...
CVE-2025-3089
CVE-2025-3089 affects ServiceNow AI Platform. The vulnerability is a Broken Access Control issue that could let a low-privilege user bypass access controls and perform a limited set of higher-privilege actions, potentially leading to unauthorized data modifications. ServiceNow reports that patche...
CVE-2024-8924
ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information. ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners...
CVE-2024-8924
ServiceNow has addressed a blind SQL injection vulnerability that was identified in the Now Platform. This vulnerability could enable an unauthenticated user to extract unauthorized information. ServiceNow deployed an update to hosted instances, and ServiceNow provided the update to our partners...
CVE-2024-8924
CVE-2024-8924 concerns ServiceNow Now Platform with an unauthenticated blind SQL injection vulnerability. The issue affects the Now Platform and could enable an attacker to extract unauthorized information. ServiceNow has deployed updates to hosted instances and provided fixes to partners and sel...
CVE-2024-8923
CVE-2024-8923 affects ServiceNow Now Platform. The root cause is insufficient input validation in the platform, enabling an unauthenticated attacker to remotely execute code via a network vector. Impact is high (remote code execution, high confidentiality/integrity/availability risk). ServiceNow ...
PT-2024-9272 · Servicenow · Servicenow Now Platform
Name of the Vulnerable Software and Affected Versions: ServiceNow Now Platform affected versions not specified Description: The issue is related to a blind SQL injection vulnerability in the Now Platform, which could allow an unauthenticated user to extract unauthorized information. This...
CVE-2024-4879 Jelly Template Injection Vulnerability in ServiceNow UI Macros
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted...
CVE-2024-4879 Jelly Template Injection Vulnerability in ServiceNow UI Macros
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted...
CVE-2024-4879
ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted...