60 matches found

NVD
added 2026/04/14 12:16 a.m., 3 views

CVE-2026-0512

Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management SICF Handler in SRM Catalog, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, results in execution of malicious content within the victim's browser. This could allow t...

CVSS: 6.1, EPSS: 0.00226
Exploits: 0, References: 2

OSV
added 2026/01/13 2:15 a.m., 6 views

CVE-2026-0513

Due to an Open Redirect Vulnerability in SAP Supplier Relationship Management SICF Handler in SRM Catalog, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site. This causes low impact on integrity of the application...

CVSS: 4.7, AI score: 5.8, EPSS: 0.00171
Exploits: 0, References: 2

Vulnrichment
added 2026/01/13 1:15 a.m., 2 views

CVE-2026-0513 Open Redirect Vulnerability in SAP Supplier Relationship Management (SICF Handler in SRM Catalog)

Due to an Open Redirect Vulnerability in SAP Supplier Relationship Management SICF Handler in SRM Catalog, an unauthenticated attacker could craft a malicious URL that, if accessed by a victim, redirects them to an attacker-controlled site. This causes low impact on integrity of the application...

CVSS: 4.7, AI score: 6.4, EPSS: 0.00171
Exploits: 0, References: 2

RedhatCVE
added 2026/01/09 12:52 p.m., 7 views

CVE-2014-4161

Cross-site scripting (XSS) vulnerability in la/umTestSSO.jsp in SAP Supplier Relationship Management (SRM) allows remote attackers to inject arbitrary web script or HTML via the url parameter...

CVSS: 4.3, AI score: 5.9, EPSS: 0.01161
Exploits: 0, References: 1

Vulnrichment
added 2025/10/14 12:18 a.m., 4 views

CVE-2025-42910 Unrestricted File Upload Vulnerability in SAP Supplier Relationship Management

Due to missing verification of file type or content, SAP Supplier Relationship Management allows an authenticated attacker to upload arbitrary files. These files could include executables which might be downloaded and executed by the user which could host malware. On successful exploitation an...

CVSS: 9, AI score: 6.5, EPSS: 0.00437
Exploits: 0, References: 2

CVE
added 2025/10/14 12:18 a.m., 20 views

CVE-2025-42910

CVE-2025-42910 affects SAP Supplier Relationship Management (SRM). The issue stems from missing verification of uploaded file type/content, allowing an authenticated attacker to upload arbitrary files (potentially executable). Successful exploitation could impact confidentiality, integrity, and a...

CVSS: 9, AI score: 6.5, EPSS: 0.00437
Exploits: 0, References: 2

EUVD
added 2025/10/14 12:18 a.m., 4 views

EUVD-2025-34120

Due to missing verification of file type or content, SAP Supplier Relationship Management allows an authenticated attacker to upload arbitrary files. These files could include executables which might be downloaded and executed by the user which could host malware. On successful exploitation an...

CVSS: 9, AI score: 6.3, EPSS: 0.00437
Exploits: 0, References: 3

CNNVD
added 2025/10/14 12:0 a.m., 4 views

SAP Supplier Relationship Management code issue vulnerability

SAP Supplier Relationship Management (SRM) is a supplier relationship management solution from SAP, Germany. The product automates purchasing and acquisition processes within an organization and between suppliers, and provides functionality such as invoicing. A code issue vulnerability exists in SA...

CVSS: 9, AI score: 7.2, EPSS: 0.00437
Exploits: 0, References: 3

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2014-4090

Malware in sbrugna...

CVSS: 5.8, AI score: 6.4, EPSS: 0.01282
Exploits: 1, References: 5

EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2019-1134

Malware in sbrugna...

CVSS: 6.1, AI score: 6.3, EPSS: 0.00648
Exploits: 0, References: 3

EUVD
added 2025/10/07 12:30 a.m., 7 views

EUVD-2014-4092

Malware in sbrugna...

CVSS: 4.3, AI score: 6.4, EPSS: 0.01161
Exploits: 0, References: 5

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-14355

Malicious code in bioql PyPI...

CVSS: 6.1, AI score: 6.4, EPSS: 0.00255
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-14354

Malicious code in bioql PyPI...

CVSS: 6.1, AI score: 6.4, EPSS: 0.00261
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2023-43160

Malicious code in bioql PyPI...

CVSS: 5.8, AI score: 5.8, EPSS: 0.00366
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2025-14353

Malicious code in bioql PyPI...

CVSS: 5.3, AI score: 6.4, EPSS: 0.00316
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 7 views

EUVD-2025-14352

Malicious code in bioql PyPI...

CVSS: 10, AI score: 9.3, EPSS: 0.00702
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 5 views

EUVD-2025-14337

Malicious code in bioql PyPI...

CVSS: 8.6, AI score: 6.4, EPSS: 0.00381
Exploits: 0, References: 2

RedhatCVE
added 2025/05/23 4:40 a.m., 9 views

CVE-2023-39436

SAP Supplier Relationship Management, versions 600, 602, 603, 604, 605, 606, 616, 617, allows an unauthorized attacker to discover information relating to SRM within Vendor Master Data for Business Partners replication functionality. This information could be used to allow the attacker to speciali...

CVSS: 5.8, AI score: 6.5, EPSS: 0.00366
Exploits: 0

CNVD
added 2025/05/19 12:0 a.m., 1 view

SAP Supplier Relationship Management Cross-Site Scripting Vulnerability

SAP Supplier Relationship Management Master Data Management Catalog is a system for managing supplier relationships that provides master data management functionality. A cross-site scripting vulnerability exists in SAP Supplier Relationship Management Master Data Management Catalog that allows an...

CVSS: 6.1, AI score: 6.2, EPSS: 0.00263
Exploits: 0, References: 1

CNVD
added 2025/05/19 12:0 a.m., 2 views

SAP supplier relationship management information leakage vulnerability

SAP supplier relationship management is a supplier relationship management software developed by SAP Germany. An information disclosure vulnerability exists in SAP supplier relationship management, which stems from the use of a deprecated Java applet component, and can be exploited by an attacker...

CVSS: 5.3, AI score: 5.6, EPSS: 0.00316
Exploits: 0, References: 1