61 matches found

EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2016-7744

Malware in sbrugna...

4.3 CVSS · 4.8 AI score · 0.00128 EPSS
Exploits 0 · References 3

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2018-14318

Malware in sbrugna...

8.6 CVSS · 8.8 AI score · 0.00282 EPSS
Exploits 0 · References 4

EUVD
added 2025/10/07 12:30 a.m. · 0 views

EUVD-2016-7741

Malware in sbrugna...

6.1 CVSS · 6.3 AI score · 0.00233 EPSS
Exploits 0 · References 3

EUVD
added 2025/10/07 12:30 a.m. · 2 views

EUVD-2016-7743

Malware in sbrugna...

5.4 CVSS · 5.5 AI score · 0.00152 EPSS
Exploits 0 · References 3

EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2016-7742

Malware in sbrugna...

5.4 CVSS · 5.5 AI score · 0.00152 EPSS
Exploits 0 · References 3

EUVD
added 2025/10/07 12:30 a.m. · 1 views

EUVD-2014-8701

Malware in sbrugna...

7.5 CVSS · 7.5 AI score · 0.02272 EPSS
Exploits 3 · References 6

vulnersOsv
added 2025/09/08 9:31 a.m. · 2 views

com.adobe.cq.commerce:cq-commerce-hybris-impl (>=5.6.100 <=6.4.4), com.adobe.cq.media:cq-media-publishing-dps-integration (=5.6.16) +119 more potentially affected by CVE-2025-58782 via org.apache.jackrabbit:jackrabbit-core (>=1.2.1 <=2.22.1)

org.apache.jackrabbit:jackrabbit-core MAVEN version =1.2.1, =5.6.100, =2.0.6, =1.0.10, =1.0.8, =2.0.5, =2.0.0, =0.0.1, =2.1.1, =2.5.0, =2.1.1, =2.5.0, =2.1.1, =4.3.5 and more Source cves: CVE-2025-58782 Source advisory: OSV:GHSA-CXVC-G8F2-4GMM...

6.5 CVSS · 6 AI score · 0.00569 EPSS
Exploits 0

Positive Technologies
added 2023/06/07 12:0 a.m. · 2 views

PT-2023-4247 · Sap · Sap Hybris Commerce +1

Name of the Vulnerable Software and Affected Versions: SAP Commerce Cloud versions HY COM 2105, HY COM 2205, COM CLOUD 2211 SAP Hybris Commerce versions HY COM 2105, HY COM 2205 Description: The issue is related to the implementation of the Omni Commerce Connect OCC API in SAP Commerce Cloud and...

7.5 CVSS · 7 AI score · 0.00173 EPSS
Exploits 0 · References 8

vulnersOsv
added 2022/05/17 5:28 a.m. · 0 views

com.activecq.tools.quickimage:core (=1.0.0), com.adobe.cq.commerce:cq-commerce-hybris-impl (>=5.5.0 <=6.4.4) +19 more potentially affected by CVE-2012-2138 via org.apache.sling:org.apache.sling.servlets.post (>=2.0.4-incubator <=2.1.0)

org.apache.sling:org.apache.sling.servlets.post MAVEN version =2.0.4-incubator, =5.5.0, =5.5.0, =5.3.0, =5.3.0, =5.4.0, =1.0.8, =1.0.12, =1.0.6, =5.5.0, =5.6.2, =5.4.0, =5.6.8 and more Source cves: CVE-2012-2138 Source advisory: OSV:GHSA-342C-F869-5M44...

5 CVSS · 5.8 AI score · 0.38624 EPSS
Exploits 3

vulnersOsv
added 2022/05/13 1:10 a.m. · 2 views

com.activecq.tools.quickimage:core (=1.0.0), com.adobe.cq.commerce:cq-commerce-hybris-impl (>=5.5.0 <=6.4.4) +19 more potentially affected by CVE-2015-2944 via org.apache.sling:org.apache.sling.servlets.post (>=2.0.4-incubator <=2.1.0)

org.apache.sling:org.apache.sling.servlets.post MAVEN version =2.0.4-incubator, =5.5.0, =5.5.0, =5.3.0, =5.3.0, =5.4.0, =1.0.8, =1.0.12, =1.0.6, =5.5.0, =5.6.2, =5.4.0, =5.6.8 and more Source cves: CVE-2015-2944 Source advisory: OSV:GHSA-RXVX-44W5-44R7...

4.3 CVSS · 5.8 AI score · 0.02866 EPSS
Exploits 1

OSV
added 2019/08/14 2:15 p.m. · 2 views

CVE-2019-0344

Due to unsafe deserialization used in SAP Commerce Cloud virtualjdbc extension, versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection...

9.8 CVSS · 7.1 AI score · 0.40202 EPSS
Exploits 0 · References 3

Prion
added 2019/08/14 2:15 p.m. · 16 views

Code injection

Due to unsafe deserialization used in SAP Commerce Cloud virtualjdbc extension, versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection...

7.5 CVSS · 9.7 AI score · 0.40202 EPSS
Exploits 0 · References 2 · Affected Software 1

ATTACKERKB
added 2019/08/14 12:0 a.m. · 16 views

CVE-2019-0344

Due to unsafe deserialization used in SAP Commerce Cloud virtualjdbc extension, versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with ‘Hybris’ user rights, resulting in Code Injection. Recent assessments: Assessed Attacker Value: 0 Assess...

9.8 CVSS · 7.9 AI score · 0.40202 EPSS
In wild · Exploits 0 · References 3

OSV
added 2019/01/08 8:29 p.m. · 1 views

CVE-2019-0238

SAP Commerce previously known as SAP Hybris Commerce, before version 6.7, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

6.1 CVSS · 5.8 AI score
Exploits 0 · References 3

CVE
added 2019/01/08 8:0 p.m. · 57 views

CVE-2019-0238

Summary: SAP Commerce (formerly SAP Hybris Commerce) before version 6.7 contains an XSS vulnerability caused by insufficient encoding of user-controlled inputs. This is documented in multiple sources (NVD CVE-2019-0238 and CNVD entry). Affected scope: pre-6.7 versions; no exact exploitation detai...

6.1 CVSS · 6 AI score · 0.00313 EPSS
Exploits 0 · References 3 · Affected Software 1

CVE
added 2018/12/11 11:0 p.m. · 45 views

CVE-2018-2505

SAP Commerce (Hybris) storefronts are affected by an input validation issue that can lead to Cross-Site Scripting (XSS). The vulnerability arises from insufficient validation of user-controlled inputs. Fixed in SAP Hybris Commerce versions 6.2, 6.3, 6.4, 6.5, 6.6, and 6.7. The CVE describes a cli...

6.1 CVSS · 5.9 AI score · 0.00418 EPSS
Exploits 0 · References 3 · Affected Software 1

OSV
added 2018/12/11 10:29 p.m. · 1 views

CVE-2018-2505

SAP Commerce does not sufficiently validate user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability in storefronts that are based on the product. Fixed in versions SAP Hybris Commerce, versions 6.2, 6.3, 6.4, 6.5, 6.6, 6.7...

6.1 CVSS · 5.8 AI score · 0.00418 EPSS
Exploits 0 · References 3

CNVD
added 2018/09/29 12:0 a.m. · 2 views

SAP Hybris Commerce Omni Commerce Connect API Server-Side Request Forgery Vulnerability

SAP Hybris Commerce is a SAP solution for handling high visitor and order volumes in e-commerce, and the Omni Commerce Connect API OCC is one of the full-service connectivity APIs. A server-side request forgery vulnerability exists in OCC in SAP Hybris Commerce version 6. The vulnerability stems...

8.6 CVSS · 8.7 AI score · 0.00282 EPSS
Exploits 0 · References 1

NVD
added 2018/09/11 3:29 p.m. · 15 views

CVE-2018-2463

The Omni Commerce Connect API OCC of SAP Hybris Commerce, versions 6., is vulnerable to server-side request forgery SSRF attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC...

8.6 CVSS · 8.5 AI score · 0.00282 EPSS
Exploits 0 · References 3

OSV
added 2018/09/11 3:29 p.m. · 1 views

CVE-2018-2463

The Omni Commerce Connect API OCC of SAP Hybris Commerce, versions 6., is vulnerable to server-side request forgery SSRF attacks. This is due to a misconfiguration of XML parser that is used in the server-side implementation of OCC...

8.6 CVSS · 5.8 AI score
Exploits 0 · References 3