Lucene search
K

172 matches found

Cvelist
Cvelist
added yesterday21 views

CVE-2026-50506 OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability

...

7.5CVSS
Exploits0References1
NVD
NVD
added 2026/06/30 10:16 a.m.24 views

CVE-2026-12076

Raytha CMS is vulnerable to SQL Injection within the OData filter parsing pipeline. The vulnerability allows a remote, unauthenticated attacker to execute arbitrary SQL statements against the underlying PostgreSQL database, leading to full database compromise, including credential extraction...

9.3CVSS0.00431EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 9:10 a.m.15 views

CVE-2026-12076

Vulnerability summary (CVE-2026-12076): Raytha CMS is affected by a SQL Injection in the OData filter parsing pipeline. The flaw allows a remote, unauthenticated attacker to execute arbitrary SQL against a PostgreSQL database, potentially leading to full database compromise and credential extract...

9.3CVSS5.9AI score0.00431EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/30 9:10 a.m.9 views

CVE-2026-12076

Raytha CMS is vulnerable to SQL Injection within the OData filter parsing pipeline. The vulnerability allows a remote, unauthenticated attacker to execute arbitrary SQL statements against the underlying PostgreSQL database, leading to full database compromise, including credential extraction...

9.3CVSS5.9AI score0.00431EPSS
Exploits0References3Affected Software1
EUVD
EUVD
added 2026/06/30 9:10 a.m.6 views

EUVD-2026-40272

Raytha CMS is vulnerable to SQL Injection within the OData filter parsing pipeline. The vulnerability allows a remote, unauthenticated attacker to execute arbitrary SQL statements against the underlying PostgreSQL database, leading to full database compromise, including credential extraction...

9.3CVSS5.9AI score0.00431EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 9:10 a.m.33 views

CVE-2026-12076 SQL Injection in Raytha CMS

Raytha CMS is vulnerable to SQL Injection within the OData filter parsing pipeline. The vulnerability allows a remote, unauthenticated attacker to execute arbitrary SQL statements against the underlying PostgreSQL database, leading to full database compromise, including credential extraction...

9.3CVSS0.00431EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.9 views

CVE-2026-27676

Due to missing authorization checks in the SAP S/4HANA OData Service Manage Technical Object Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability results in a low impact on integrity, while confidentiality and...

4.3CVSS5.5AI score0.00158EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.9 views

CVE-2026-27678

Due to missing authorization checks in the SAP S/4HANA backend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...

6.5CVSS5.5AI score0.00181EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2026/04/22 8:23 p.m.9 views

@headspinio/appium-roku-driver (>=2.6.1 <=2.7.0), @natlibfi/passport-melinda-aleph (=3.0.3-alpha.1) +2 more potentially affected by CVE-2026-41673 via @xmldom/xmldom (=0.9.0)

@xmldom/xmldom NPM version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on @xmldom/xmldom and may be impacted: - @headspinio/appium-roku-driver =2.6.1, =3.0.0, =1.7.9-beta.3, =1.8.0-beta.2 Source cves: CVE-2026-41673 Source advisory:...

8.7CVSS5.8AI score0.00643EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/22 8:23 p.m.7 views

@headspinio/appium-roku-driver (>=2.6.1 <=2.7.0), @natlibfi/passport-melinda-aleph (=3.0.3-alpha.1) +2 more potentially affected by CVE-2026-41673 via @xmldom/xmldom (=0.9.0)

@xmldom/xmldom NPM version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on @xmldom/xmldom and may be impacted: - @headspinio/appium-roku-driver =2.6.1, =3.0.0, =1.7.9-beta.3, =1.8.0-beta.2 Source cves: CVE-2026-41673 Source advisory:...

8.7CVSS5.8AI score0.00643EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/22 8:19 p.m.9 views

@headspinio/appium-roku-driver (>=2.6.1 <=2.7.0), @natlibfi/passport-melinda-aleph (=3.0.3-alpha.1) +2 more potentially affected by CVE-2026-41674 via @xmldom/xmldom (=0.9.0)

@xmldom/xmldom NPM version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on @xmldom/xmldom and may be impacted: - @headspinio/appium-roku-driver =2.6.1, =3.0.0, =1.7.9-beta.3, =1.8.0-beta.2 Source cves: CVE-2026-41674 Source advisory:...

8.7CVSS5.8AI score0.00457EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/22 8:16 p.m.8 views

@headspinio/appium-roku-driver (>=2.6.1 <=2.7.0), @natlibfi/passport-melinda-aleph (=3.0.3-alpha.1) +2 more potentially affected by CVE-2026-41672 via @xmldom/xmldom (=0.9.0)

@xmldom/xmldom NPM version =0.9.0 is affected by a known vulnerability. The following packages have a transitive dependency on @xmldom/xmldom and may be impacted: - @headspinio/appium-roku-driver =2.6.1, =3.0.0, =1.7.9-beta.3, =1.8.0-beta.2 Source cves: CVE-2026-41672 Source advisory:...

8.7CVSS5.8AI score0.00365EPSS
Exploits0
NVD
NVD
added 2026/04/14 12:16 a.m.5 views

CVE-2026-27678

Due to missing authorization checks in the SAP S/4HANA backend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...

6.5CVSS0.00181EPSS
Exploits0References2
NVD
NVD
added 2026/04/14 12:16 a.m.5 views

CVE-2026-27679

Due to missing authorization checks in the SAP S/4HANA frontend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...

6.5CVSS0.00181EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/14 12:7 a.m.3 views

CVE-2026-27678

Due to missing authorization checks in the SAP S/4HANA backend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...

6.5CVSS5.8AI score0.00181EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/14 12:7 a.m.3 views

EUVD-2026-22149

Due to missing authorization checks in the SAP S/4HANA OData Service Manage Reference Equipment, an attacker could update and delete child entities via OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not...

6.5CVSS5.8AI score0.00181EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/14 12:7 a.m.2 views

CVE-2026-27677 Missing Authorization check in SAP S/4HANA OData Service (Manage Reference Equipment)

Due to missing authorization checks in the SAP S/4HANA OData Service Manage Reference Equipment, an attacker could update and delete child entities via OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not...

6.5CVSS5.8AI score0.00181EPSS
Exploits0References2
CVE
CVE
added 2026/04/14 12:7 a.m.11 views

CVE-2026-27676

CVE-2026-27676 affects SAP S/4HANA’s OData Service (Manage Technical Object Structures). The vulnerability arises from missing authorization checks, enabling an attacker to update and delete child entities via exposed OData endpoints. Impact is described as low for integrity, with no impact on co...

4.3CVSS5.8AI score0.00158EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/14 12:7 a.m.3 views

EUVD-2026-22148

Due to missing authorization checks in the SAP S/4HANA OData Service Manage Technical Object Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability results in a low impact on integrity, while confidentiality and...

4.3CVSS5.8AI score0.00158EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.9 views

SAP S/4HANA OData Service 安全漏洞

The SAP S/4HANA OData Service is an enterprise system data interface and service integration component provided by SAP, a German company. There is a security vulnerability in the SAP S/4HANA OData Service Manage Reference Equipment, which stems from the lack of authorization checks. This...

6.5CVSS5.8AI score0.00181EPSS
Exploits0References2
Rows per page
Query Builder