CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

96 matches found

RedhatCVE•added 2026/01/09 9:21 a.m.•12 views

CVE-2021-41251

@sap-cloud-sdk/core contains the core functionality of the SAP Cloud SDK as well as the SAP Business Technology Platform abstractions. This affects applications on SAP Business Technology Platform that use the SAP Cloud SDK and enabled caching of destinations. In affected versions and in some...

5.9CVSS6.6AI score0.01657EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:20 a.m.•13 views

CVE-2021-33693

SAP Cloud Connector, version - 2.0, allows an authenticated administrator to modify a configuration file to inject malicious codes that could potentially lead to OS command execution...

7.7CVSS6.8AI score0.00522EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:20 a.m.•16 views

CVE-2021-33694

SAP Cloud Connector, version - 2.0, does not sufficiently encode user-controlled inputs, allowing an attacker with Administrator rights, to include malicious codes that get stored in the database, and when accessed, could be executed in the application, resulting in Stored Cross-Site Scripting...

5.9CVSS6.3AI score0.0045EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:20 a.m.•10 views

CVE-2021-33692

SAP Cloud Connector, version - 2.0, allows the upload of zip files as backup. This backup file can be tricked to inject special elements such as '..' and '/' separators, for attackers to escape outside of the restricted location to access files or directories...

7.5CVSS7AI score0.01132EPSS

Exploits0References1

RedhatCVE•added 2025/10/15 4:43 p.m.•5 views

CVE-2025-42909

SAP Cloud Appliance Library Appliances allows an attacker with high privileges to leverage an insecure S/4HANA default profile setting in an existing SAP CAL appliances to gain access to other appliances. This has low impact on confidentiality of the application, integrity and availability is not...

3CVSS7AI score0.00221EPSS

Exploits0References1

NVD•added 2025/10/14 1:15 a.m.•3 views

CVE-2025-42909

3CVSS0.00221EPSS

Exploits0References2

CVE•added 2025/10/14 12:18 a.m.•11 views

CVE-2025-42909

CVE-2025-42909 (SAP Cloud Appliance Library Appliances) : A high-privilege attacker can exploit an insecure S/4HANA default profile setting in existing SAP CAL appliances to access other appliances. The impact is described as low for confidentiality with no impact on integrity or availability. Th...

3CVSS6.6AI score0.00221EPSS

Exploits0References2