386 matches found
EUVD-2016-6496
Malware in sbrugna...
EUVD-2025-14354
Malicious code in bioql PyPI...
EUVD-2025-14352
Malicious code in bioql PyPI...
EUVD-2025-14355
Malicious code in bioql PyPI...
CVE-2020-27181
A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020.015 allows attackers to craft password-reset tokens or decrypt server-side configuration files...
CVE-2011-0219
Apple Safari before 5.0.6 allows remote attackers to bypass the Same Origin Policy, and modify the rendering of text from arbitrary web sites, via a Java applet that loads fonts...
CVE-2012-2496
A certain Java applet in the VPN downloader implementation in the WebLaunch feature in Cisco AnyConnect Secure Mobility Client 3.x before 3.0 MR7 on 64-bit Linux platforms does not properly restrict use of Java components, which allows remote attackers to execute arbitrary code via a crafted web...
SAP supplier relationship management cross-site scripting vulnerability
SAP supplier relationship management is a supplier relationship management software developed by SAP Germany. A cross-site scripting vulnerability exists in SAP supplier relationship management, which stems from the use of a deprecated Java applet component that can be exploited by an attacker to...
SAP supplier relationship management input validation error vulnerability
SAP supplier relationship management is a supplier relationship management software developed by SAP Germany. An input validation error vulnerability exists in SAP supplier relationship management, which stems from the use of a deprecated Java applet component that can be exploited by an attacker...
CVE-2025-30012
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific encoding format. The servlet will then decode this malicious request which will result in...
CVE-2025-30009
he Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to execute malicious script in the victim�s browser. This vulnerability has low impact on confidentiality and...
CVE-2025-30011
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to send an malicious request to the application, which could disclose the internal version details of the affected...
CVE-2025-30010
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to craft a malicious link, which when clicked by a victim, redirects the browser to a malicious site. On successfu...
CVE-2025-30012
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific encoding format. The servlet will then decode this malicious request which will result in...
CVE-2025-30010
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to craft a malicious link, which when clicked by a victim, redirects the browser to a malicious site. On successfu...
CVE-2025-30009
he Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to execute malicious script in the victim�s browser. This vulnerability has low impact on confidentiality and...
CVE-2025-30011
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to send an malicious request to the application, which could disclose the internal version details of the affected...
CVE-2025-30011
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component within the affected SRM packages which allows an unauthenticated attacker to send an malicious request to the application, which could disclose the internal version details of the affected...
CVE-2025-30012 Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit)
The Live Auction Cockpit in SAP Supplier Relationship Management SRM uses a deprecated java applet component, which allows an unauthenticated attacker to send malicious payload request in a specific encoding format. The servlet will then decode this malicious request which will result in...
CVE-2025-30012
CVE-2025-30012 affects the SAP SRM Live Auction Cockpit component, where a deprecated Java applet enables an unauthenticated attacker to trigger deserialization of a crafted payload, leading to execution of arbitrary OS commands with SAP Administrator privileges. The cited impact is high on confi...