Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/03/11 7:8 a.m.4 views

CVE-2026-27684

SAP NetWeaver Feedback Notifications Service contains a SQL injection vulnerability that allows an authenticated attacker to inject arbitrary SQL code through user-controlled input fields. The application concatenates these inputs directly into SQL queries without proper validation or escaping. A...

6.4CVSS6AI score0.00267EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/10 6:31 p.m.7 views

EUVD-2026-10455

SAP NetWeaver Feedback Notifications Service contains a SQL injection vulnerability that allows an authenticated attacker to inject arbitrary SQL code through user-controlled input fields. The application concatenates these inputs directly into SQL queries without proper validation or escaping. A...

6.4CVSS6AI score0.00267EPSS
Exploits0References3
NVD
NVD
added 2026/03/10 5:38 p.m.3 views

CVE-2026-27684

SAP NetWeaver Feedback Notifications Service contains a SQL injection vulnerability that allows an authenticated attacker to inject arbitrary SQL code through user-controlled input fields. The application concatenates these inputs directly into SQL queries without proper validation or escaping. A...

6.4CVSS0.00267EPSS
Exploits0References2
CVE
CVE
added 2026/03/10 12:18 a.m.12 views

CVE-2026-27684

CVE-2026-27684 affects SAP NetWeaver Feedback Notifications Service. An authenticated attacker can exploit a SQL injection by supplying input that is directly concatenated into SQL queries, enabling manipulation of WHERE clause logic. This can lead to unauthorized access to or modification of dat...

6.4CVSS6AI score0.00267EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/10 12:18 a.m.3 views

CVE-2026-27684 SQL Injection Vulnerability in SAP NetWeaver (Feedback Notification)

SAP NetWeaver Feedback Notifications Service contains a SQL injection vulnerability that allows an authenticated attacker to inject arbitrary SQL code through user-controlled input fields. The application concatenates these inputs directly into SQL queries without proper validation or escaping. A...

6.4CVSS6AI score0.00267EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2023/04/12 2:2 a.m.2 views

Malicious code in deskpro-notifications-service (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d9e07cbfe7dbcfbce0bd86d7353862570a270265a771f2ed1da61bb8ddf101b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/04/12 2:2 a.m.6 views

MAL-2023-246 Malicious code in deskpro-notifications-service (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware d9e07cbfe7dbcfbce0bd86d7353862570a270265a771f2ed1da61bb8ddf101b9 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Snyk
Snyk
added 2022/09/08 11:24 a.m.1 views

Malicious Package

Overview deskpro-notifications-service is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if...

9.8CVSS7.1AI score
Exploits0References3
Rows per page
Query Builder