Lucene search
K

289 matches found

Vulnrichment
Vulnrichment
added 2026/02/11 12:17 p.m.3 views

CVE-2025-57707 File Station 5

An improper neutralization of directives in statically saved code 'Static Code Injection' vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to access restricted data / files. We have already fixed the...

4.8CVSS5.7AI score0.00655EPSS
Exploits0References1
CVE
CVE
added 2026/02/11 12:17 p.m.16 views

CVE-2025-57707

CVE-2025-57707 affects QNAP File Station 5. The vulnerability is described as an improper neutralization of directives in statically saved code (Static Code Injection) that could allow a remote attacker with a user account to access restricted data/files. The Red Hat, NVD, OSV, and related source...

8.8CVSS5.7AI score0.00655EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/11 7:30 a.m.5 views

CVE-2026-24327

Due to missing authorization check in SAP Strategic Enterprise Management Balanced Scorecard in Business Server Pages, an authenticated attacker could access information that they are otherwise unauthorized to view. This leads to low impact on confidentiality and no effect on integrity or...

4.3CVSS5.5AI score0.00221EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/11 12:0 a.m.11 views

QNAP Systems File Station 5 安全漏洞

QNAP Systems File Station 5 is a file management system developed by QNAP Systems, a company based in Taiwan, China. Versions of QNAP Systems File Station 5 prior to 5.5.6.5166 contained security vulnerabilities. These vulnerabilities were caused by static code injection, which could lead to acce...

8.8CVSS5.9AI score0.00655EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.10 views

PT-2026-7557

An improper neutralization of directives in statically saved code 'Static Code Injection' vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to access restricted data / files. We have already fixed the...

4.8CVSS5.7AI score0.00655EPSS
Exploits0References2
NVD
NVD
added 2026/02/10 6:15 a.m.10 views

CVE-2025-12757

An AXIS Camera Station Pro feature can be exploited in a way that allows a non-admin user to view information they are not permitted to...

4.6CVSS0.00266EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/02/10 3:4 a.m.3 views

CVE-2026-24327 Missing Authorization Check in SAP Strategic Enterprise Management (Balanced Scorecard in BSP Application)

Due to missing authorization check in SAP Strategic Enterprise Management Balanced Scorecard in Business Server Pages, an authenticated attacker could access information that they are otherwise unauthorized to view. This leads to low impact on confidentiality and no effect on integrity or...

4.3CVSS5.5AI score0.00221EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.3 views

PT-2026-6207

Name of the Vulnerable Software and Affected Versions Apache Answer versions through 1.7.1 github.com/apache/answer versions prior to 2.0.0 Description An issue exists in Apache Answer where an unauthenticated API endpoint incorrectly exposes the full revision history of deleted content. This...

7.5CVSS5.4AI score0.00619EPSS
Exploits0References15
RedhatCVE
RedhatCVE
added 2026/01/14 1:22 a.m.7 views

CVE-2026-0494

Under certain conditions SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access information which would otherwise be restricted. This has low impact on confidentiality of the application, integrity and availability are not impacted...

4.3CVSS6.6AI score0.00187EPSS
Exploits0References1
NVD
NVD
added 2026/01/13 2:15 a.m.12 views

CVE-2026-0494

Under certain conditions SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access information which would otherwise be restricted. This has low impact on confidentiality of the application, integrity and availability are not impacted...

4.3CVSS0.00187EPSS
Exploits0References2
CVE
CVE
added 2026/01/13 1:13 a.m.21 views

CVE-2026-0494

CVE-2026-0494 affects SAP Fiori App Intercompany Balance Reconciliation, where under certain conditions an attacker can access information that should be restricted. The impact is limited to confidentiality (low); no impact on integrity or availability is indicated. Multiple connected sources cor...

4.3CVSS6.2AI score0.00187EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.5 views

SAP Fiori App Intercompany Balance Reconciliation 安全漏洞

SAP Fiori App Intercompany Balance Reconciliation is a financial application from SAP, Germany. A security vulnerability exists in SAP Fiori App Intercompany Balance Reconciliation, which arises from the ability to access restricted information under certain conditions, causing a low impact on...

4.3CVSS5.8AI score0.00187EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/13 12:0 a.m.10 views

PT-2026-2330

Name of the Vulnerable Software and Affected Versions SAP Fiori App Intercompany Balance Reconciliation application affected versions not specified Description Under certain conditions, the SAP Fiori App Intercompany Balance Reconciliation application allows an attacker to access restricted...

4.3CVSS6.3AI score0.00187EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 8:59 a.m.5 views

CVE-2023-49580

SAP GUI for Windows and SAP GUI for Java - versions SAPBASIS 755, SAPBASIS 756, SAPBASIS 757, SAPBASIS 758, allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to create...

7.3CVSS6.7AI score0.00478EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/05 9:34 p.m.14 views

CVE-2025-66238

DCIM dcTrack allows an attacker to misuse certain remote access features. An authenticated user with access to the appliance's virtual console could exploit these features to redirect network traffic, potentially accessing restricted services or data on the host machine...

7.4CVSS6.8AI score0.00299EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/05 12:31 a.m.4 views

EUVD-2025-201312

DCIM dcTrack allows an attacker to misuse certain remote access features. An authenticated user with access to the appliance's virtual console could exploit these features to redirect network traffic, potentially accessing restricted services or data on the host machine...

7.4CVSS6.3AI score0.00299EPSS
Exploits0References3
OSV
OSV
added 2025/11/19 8:15 p.m.4 views

CVE-2025-36371

IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 are impacted by obtaining an information vulnerability in the database plan cache implementation. A user with access to the database plan cache could see information they do not have authority to view...

6.5CVSS5.8AI score0.00238EPSS
Exploits0References1
NVD
NVD
added 2025/11/19 8:15 p.m.6 views

CVE-2025-36371

IBM i 7.2, 7.3, 7.4, 7.5, and 7.6 are impacted by obtaining an information vulnerability in the database plan cache implementation. A user with access to the database plan cache could see information they do not have authority to view...

6.5CVSS0.00238EPSS
Exploits0References1
CVE
CVE
added 2025/11/19 7:45 p.m.21 views

CVE-2025-36371

Summary: CVE-2025-36371 affects IBM i versions 7.2–7.6. The vulnerability is an information disclosure in the database plan cache implementation that could allow a user with database plan cache access to see information they are not authorized to view. Affected products/versions: IBM i 7.2, 7.3, ...

6.5CVSS6.1AI score0.00238EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/11/07 12:30 a.m.6 views

EUVD-2024-55065

A flaw was found in the 3scale developer portal. This issue can allow account creation or updates passed through hidden or read-only fields, the contents of which may be altered. This flaw allows an attacker to access or modify restricted information...

5.4CVSS6AI score0.00243EPSS
Exploits0References3
Rows per page
Query Builder