Lucene search
K

516 matches found

NVD
NVD
added 13 hours ago5 views

CVE-2026-14852

Privilege escalation in Checkmk versions 2.5.0 before 2.5.0p9, 2.4.0 before 2.4.0p34, 2.3.0 before 2.3.0p49, and 2.2.0 EOL allows a local unprivileged user to execute arbitrary commands as root by starting a process crafted to look like a SAP HANA instance. Without an explicit database...

5.2CVSS
Exploits0References1
CVE
CVE
added 14 hours ago7 views

CVE-2026-14852

CVE-2026-14852 : Privilege escalation in Checkmk affecting versions 2.5.0 before 2.5.0p9, 2.4.0 before 2.4.0p34, 2.3.0 before 2.3.0p49, and 2.2.0 (EOL). A local unprivileged user can execute arbitrary commands as root by exploiting the mk_sap_hana agent plugin, which derives SAP HANA instance ide...

5.2CVSS6.3AI score
Exploits0References1
Cvelist
Cvelist
added 14 hours ago11 views

CVE-2026-14852 mk_sap_hana: Privilege escalation via crafted sapstartsrv process name

Privilege escalation in Checkmk versions 2.5.0 before 2.5.0p9, 2.4.0 before 2.4.0p34, 2.3.0 before 2.3.0p49, and 2.2.0 EOL allows a local unprivileged user to execute arbitrary commands as root by starting a process crafted to look like a SAP HANA instance. Without an explicit database...

5.2CVSS
Exploits0References1
EUVD
EUVD
added 14 hours ago5 views

EUVD-2026-43652

Privilege escalation in Checkmk versions 2.5.0 before 2.5.0p9, 2.4.0 before 2.4.0p34, 2.3.0 before 2.3.0p49, and 2.2.0 EOL allows a local unprivileged user to execute arbitrary commands as root by starting a process crafted to look like a SAP HANA instance. Without an explicit database...

5.2CVSS6.3AI score
Exploits0References1
NVD
NVD
added 22 hours ago6 views

CVE-2026-44753

SAP HANA Database user self service tools allows an unauthenticated user to send specially crafted requests that produce distinguishable responses, enabling enumeration of valid user accounts and email addresses. Successful exploitation could allow the attacker to enumerate valid user accounts,...

3.7CVSS
Exploits0References2
CVE
CVE
added 23 hours ago9 views

CVE-2026-44770

Technical details for CVE-2026-44770 are not publicly provided in the supplied documents. Monitor for updates from SAP and CVE databases.

4.3CVSS6.1AI score
Exploits0References2
Cvelist
Cvelist
added 23 hours ago9 views

CVE-2026-44753 Information Disclosure vulnerability in SAP HANA Extended Application Services classic model (User Self Service)

SAP HANA Database user self service tools allows an unauthenticated user to send specially crafted requests that produce distinguishable responses, enabling enumeration of valid user accounts and email addresses. Successful exploitation could allow the attacker to enumerate valid user accounts,...

3.7CVSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 2:20 a.m.42 views

CVE-2026-40131 SQL Injection vulnerability in SAP HANA Deployment Infrastructure (HDI) deploy library

SQL injection vulnerability exists in @sap/hdi-deploy package, where SQL queries are dynamically constructed using user input without proper parameterization or prepared statements. Successful exploitation could allow the high privileged users to alter the SELECT statements impacting...

3.4CVSS0.00173EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 2:20 a.m.25 views

CVE-2026-40131

The CVE-2026-40131 entry concerns the SAP HDI deploy library (@sap/hdi-deploy). Affected component: SQL queries are dynamically constructed from user input without proper parameterization/prepared statements (root cause: lack of parameterization). Impact: confidentiality and availability of the a...

3.4CVSS5.9AI score0.00173EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2026/04/30 12:0 a.m.165 views

📄 SAP HANA Cockpit / Database Explorer Private Key Disclosure

SAP HANA Cockpit and SAP HANA Database Explorer expose the private key of their X.509 certificate. SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Exposed Private Key of X.509 Certificate product: SAP HANA...

5CVSS5.3AI score0.00304EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.2 views

SUSE SLES16 Security Update : google-cloud-sap-agent (SUSE-SU-2026:21210-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:21210-1 advisory. This update for google-cloud-sap-agent fixes the following issue: Update to google-cloud-sap-agent 3.12 bsc1259816: - CVE-2026-33186:...

9.1CVSS5.9AI score0.01557EPSS
Exploits1References5
NVD
NVD
added 2026/04/14 1:16 a.m.3 views

CVE-2026-34262

Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer...

5CVSS0.00304EPSS
Exploits2References3
Cvelist
Cvelist
added 2026/04/14 12:9 a.m.31 views

CVE-2026-34262 Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer

Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer...

5CVSS0.00304EPSS
Exploits2References2
ATTACKERKB
ATTACKERKB
added 2026/04/14 12:9 a.m.10 views

CVE-2026-34262

Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer...

5CVSS5.8AI score0.00304EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.3 views

SUSE SLES12 Security Update : google-cloud-sap-agent (SUSE-SU-2026:1195-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1195-1 advisory. This update for google-cloud-sap-agent fixes the following issue: Update to google-cloud-sap-agent 3.12 bsc1259816: - CVE-2026-33186:...

9.1CVSS6AI score0.01557EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/04/08 12:0 a.m.6 views

SUSE SLES15 / openSUSE 15 Security Update : google-cloud-sap-agent (SUSE-SU-2026:1194-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:1194-1 advisory. This update for google-cloud-sap-agent fixes the following issue: Update to google-cloud-sap-agent 3.12 bsc1259816: -...

9.1CVSS6AI score0.01557EPSS
Exploits1References5
OSV
OSV
added 2026/04/07 9:25 a.m.2 views

SUSE-SU-2026:1195-1 Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue: Update to google-cloud-sap-agent 3.12 bsc1259816: - CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header bsc1260265. Changelog: Collect WLM metric...

9.1CVSS5.8AI score0.01557EPSS
Exploits1References4
SUSE Linux
SUSE Linux
added 2026/04/07 9:25 a.m.4 views

Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue: Update to google-cloud-sap-agent 3.12 bsc1259816: CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo- header bsc1260265. Changelog: Collect WLM metric...

8.6CVSS5.9AI score0.01557EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2026/01/14 1:22 a.m.9 views

CVE-2026-0492

SAP HANA database is vulnerable to privilege escalation allowing an attacker with valid credentials of any user to switch to another user potentially gaining administrative access. This exploit could result in a total compromise of the system�s confidentiality, integrity, and availability...

8.8CVSS6.9AI score0.00286EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 2:15 a.m.4 views

CVE-2026-0492

SAP HANA database is vulnerable to privilege escalation allowing an attacker with valid credentials of any user to switch to another user potentially gaining administrative access. This exploit could result in a total compromise of the system�s confidentiality, integrity, and availability...

8.8CVSS5.8AI score0.00286EPSS
Exploits0References2
Rows per page
Query Builder