Lucene search
K

87 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:19 a.m.4 views

CVE-2023-23932

OpenDDS is an open source C++ implementation of the Object Management Group OMG Data Distribution Service DDS. OpenDDS applications that are exposed to untrusted RTPS network traffic may crash when parsing badly-formed input. This issue has been patched in version 3.23.1...

7.5CVSS6.9AI score0.00738EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2025/04/23 12:0 a.m.10 views

The vulnerability of the OData protocol implementation in SAP S4CORE Entity software allows unauthorized access to protected information.

The vulnerability of the OData protocol implementation in SAP S4CORE Entity software is related to deficiencies in displaying hidden user fields. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.5AI score0.00249EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/03/11 12:0 a.m.3 views

SAP Just In Time 安全漏洞

SAP Just In Time is an application from SAP Germany designed to enable efficient demand-driven production and logistics throughout the supply chain. An elevation of privilege vulnerability exists in SAP Just In Time, which stems from the OData service not performing the necessary privilege checks...

4.3CVSS6.9AI score0.00225EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.16 views

The vulnerability of the Telnet protocol implementation for the MIR KT-51 controller and the MIR controller configuration tool, related to the transmission of data in an open manner, allows a perpetrator to disclose the protected information.

The vulnerability of the Telnet protocol implementation for the MIR KT-51 controller and the MIR controller configuration software is related to the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

10CVSS5.5AI score
Exploits0Affected Software2
BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.16 views

The vulnerability of the implementation of service protocols in the software products of the LLC “NPO ‘MIR’ relates to the transmission of data in an open manner, which allows a perpetrator to disclose the protected information.

The vulnerability of the implementation of service protocols in the software products of the LLC “NPO ‘MIR’ relates to the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor, operating remotely, to disclose the protected information.”...

10CVSS5.4AI score
Exploits0Affected Software6
BDU FSTEC
BDU FSTEC
added 2025/02/26 12:0 a.m.8 views

The vulnerability of the HTTP protocol implementation in the software products of the LLC “NPO “MIR” lies in the transmission of data in an open manner, which allows attackers to disclose protected information.

The vulnerability of the HTTP protocol implementation in software products of the LLC “NPO ‘MIR’” lies in the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to disclose the protected information remotely...

9CVSS5.4AI score
Exploits0Affected Software4
BDU FSTEC
BDU FSTEC
added 2025/02/20 12:0 a.m.5 views

The vulnerability of the Xerox Workplace Suite print management server, related to the storage of critical information in an open manner, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the Xerox Workplace Suite print management server lies in the storage of critical information in an open manner. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

6.8CVSS5.5AI score0.00143EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2025/02/14 12:13 p.m.2 views

OESA-2025-1126 assimp security update

Assimp is a library to load and process geometric scenes from various data formats. Assimp aims to provide a full asset conversion pipeline for use in game engines and real-time rendering systems of any kind, but is not limited to this purpose. Security Fixes: A heap-buffer-overflow vulnerability...

6.2CVSS7AI score0.00301EPSS
Exploits2References3
Positive Technologies
Positive Technologies
added 2025/02/11 12:0 a.m.7 views

PT-2025-6125 · Sap · Sap Fiori +1

Name of the Vulnerable Software and Affected Versions: SAP ERP affected versions not specified Description: The issue concerns the SAP OData endpoint in SAP Fiori for SAP ERP, where cached values could be poisoned by modifying the Host header value in an HTTP GET request. An attacker could alter...

3.1CVSS6.8AI score0.00229EPSS
Exploits0References7
BDU FSTEC
BDU FSTEC
added 2024/12/12 12:0 a.m.5 views

The vulnerability of the Webservice API Endpoint component of the SAP Commerce Cloud platform allows a hacker to disclose protected information.

The vulnerability of the Webservice API Endpoint component of the SAP Commerce Cloud platform is related to the transmission of data in an open manner. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information...

4CVSS5.4AI score0.00196EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2024/12/12 12:0 a.m.5 views

The vulnerability of microprogramming software in embedded network control controllers of ASPECT Enterprise, NEXUS Series, and MATRIX Series, related to the transmission of data in an open manner, allows attackers to disclose protected information.

The vulnerability of microprogrammed software in embedded network control controllers of ASPECT Enterprise, NEXUS Series, and MATRIX Series is related to the transmission of data in an open manner. Exploiting this vulnerability can allow a malicious actor to disclose the protected information...

9.6CVSS5.4AI score0.00404EPSS
Exploits0References2Affected Software4
OSV
OSV
added 2024/10/08 4:15 a.m.8 views

CVE-2024-45282

Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations...

5.3CVSS5.8AI score0.00293EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2024/10/08 12:0 a.m.9 views

The vulnerability of Ivanti Workspace Control’s software for controlling user access to applications and data, related to the transmission of data in an open manner, allows a hacker to obtain the user’s operating system credentials.

The vulnerability of the software for controlling user access to applications and data in Ivanti Workspace Control is related to the transfer of data in an open manner. Exploiting this vulnerability could allow a hacker to obtain the user’s operating system credentials...

8.2CVSS5.5AI score0.00163EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/08/21 12:0 a.m.5 views

The vulnerability of the mmput() function in the IB/core component of the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the mmput function in the IB/core component of the Linux operating system’s kernel is related to deadlocking as part of the ODP process. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.2AI score0.00178EPSS
Exploits0References12Affected Software2
Positive Technologies
Positive Technologies
added 2024/08/17 12:0 a.m.5 views

PT-2024-41068 · Мир Кт-51 +1 · Мир Кт-51 +1

Name of the Vulnerable Software and Affected Versions: МИР КТ-51 and МИР контроллеры affected versions not specified Description: The issue is related to the implementation of the Telnet protocol in the МИР КТ-51 controller and the МИР controller configurator, which involves the transmission of...

9.4CVSS6.8AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/07/15 12:0 a.m.10 views

The vulnerability of the SCADA system “ENTEK,” which stems from the storage of critical information in an open manner, allows a intruder to gain unauthorized access to the protected information.

The vulnerability of the SCADA system “ENTEK” is related to the storage of critical information in an open manner. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information by intercepting traffic or obtaining configuration...

8.5CVSS5.5AI score
Exploits0References1Affected Software1
BDU FSTEC
BDU FSTEC
added 2024/05/24 12:0 a.m.6 views

The vulnerability of the software used for calculating positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager allows a intruder to carry out a “man-in-the-middle” attack.

The vulnerability of the software for calculating the positions of individual RTLS transponders in the SIMATIC RTLS Locating Manager relates to the transmission of data in an open manner. Exploiting this vulnerability could allow a malicious actor to carry out a “man-in-the-middle” attack...

9.6CVSS5.5AI score0.00272EPSS
Exploits0References2Affected Software7
CNNVD
CNNVD
added 2024/05/08 12:0 a.m.5 views

F5 BIG-IP SQL注入漏洞

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. An OData injection vulnerability exists in F5 BIG-IP Next Central Manager, which can be exploited to send crafted SQL statemen...

7.5CVSS7.5AI score0.07086EPSS
Exploits0References2
OSV
OSV
added 2024/05/03 3:15 p.m.0 views

DEBIAN-CVE-2022-48675

In the Linux kernel, the following vulnerability has been resolved: IB/core: Fix a nested dead lock as part of ODP flow Fix a nested dead lock as part of ODP flow by using mmputasync. From the below call trace 1 can see that calling mmput once we have the umemodp-umemmutex locked as required by...

5.5CVSS5.4AI score0.00178EPSS
Exploits0References1
Openbugbounty
Openbugbounty
added 2024/02/05 11:7 a.m.5 views

opd.opendata-japan.com Cross Site Scripting vulnerability OBB-3849019

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.2AI score
Exploits0
Rows per page
Query Builder