769 matches found
CVE-2015-7968
nwbcext2int in SAP NetWeaver Application Server before Security Note 2183189 allows XXE attacks for local file inclusion via the sap/bc/ui2/nwbc/nwbcext2int/ URI...
CVE-2015-7731
SAP Mobile Platform 3.0 SP05 ClientHub allows attackers to obtain the keystream and other sensitive information via the DataVault, aka SAP Security Note 2094830...
CVE-2025-42999
SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system...
CVE-2025-42999 Insecure Deserialization in SAP NetWeaver (Visual Composer development server)
SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system...
CVE-2025-42999
CVE-2025-42999 affects SAP NetWeaver Visual Composer Metadata Uploader. It is a deserialization vulnerability that can allow a privileged attacker to compromise confidentiality, integrity, and availability of the host system. Connected documents corroborate a broader context: CVE-2025-31324 (unre...
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Amendment: This was deemed not a vulnerability. Overview: Affected versions of this package are vulnerable to Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in the $ shell API due to improper neutralization of user input. An attacker can exploit this by...
Linux Distros Unpatched Vulnerability : CVE-2017-9168
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libautotrace.a in AutoTrace 0.31.1 has a heap-based buffer overflow in the ReadImage function in input-bmp.c:353:25. CVE-2017-9168 Note that Nessus relies on t...
GHSA-QMCW-H4F9-J3H3
creationtimestamp | type | source
---|---|---
2024-12-20 19:55:38+00:00 | seen | https://infosec.exchange/users/cve/statuses/113686907311266678...
Xerox Printers Authenticated Remote Code Execution Vulnerability
Various Xerox printers, such as models EC80xx, AltaLink, VersaLink, and WorkCentre, suffer from an authenticated remote code execution vulnerability. title: Authenticated Remote Code Execution; product: Multiple Xerox printers...
Integration Status
The following integration was used and here are the results based on the intention of the integration type. Here is a brief description of success for each integration type. PAMs: To retrieve a target credential from the related PAM. MDMs: To retrieve devices from the related MDM. Patch Managemen...
CVE-2024-27833
An integer overflow was addressed with improved input validation. This issue is fixed in Safari 17.5, iOS 16.7.8 and iPadOS 16.7.8, iOS 17.5 and iPadOS 17.5, tvOS 17.5, visionOS 1.2. Processing maliciously crafted web content may lead to arbitrary code execution...
SAP Cloud Connector 2.16.1 Missing Validation
SEC Consult Vulnerability Lab Security Advisory. title: Tolerating Self-Signed Certificates; product: SAP® Cloud Connector; vulnerable version: 2.15.0 - 2.16.1 Portable and Installer; fixed version: 2.16.2 Portable and Installer...
BELL-CVE-2024-26903
Bulletin has no description...
Number withdrawn
SourceCodester Employee Management System is a php-based website builder for employee performance management from SourceCodester, USA. The CVE number has been withdrawn...
SAP Application Server ABAP Open Redirection
SEC Consult Vulnerability Lab Security Advisory. title: Open Redirect in BSP Test Application it00 Bypass for CVE-2020-6215 Patch; product: SAP® Application Server ABAP and ABAP® Platform SAPBASIS; vulnerable version: see sectio...
CVE-2010-1765
Rejected reason: This candidate is unused by its CNA...
CVE-2023-38075
creationtimestamp | type | source
---|---|---
2023-09-12 14:22:58+00:00 | seen | https://t.me/cibsecurity/70263...
Fedora 37 : php-phpmailer6 (2023-f2be748f28)
The remote Fedora 37 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2023-f2be748f28 advisory. Minor security note: The DSN support added in 6.8.0 reflects the DSN back to the user in an error message if it is invalid. If a DSN uses user-supplied input ...
BELL-CVE-2022-2057 CVE-2022-2057 does not affect BellSoft software
Bulletin has no description...
CVE-2023-37918
creationtimestamp | type | source
---|---|---
2023-07-21 17:02:33+00:00 | published-proof-of-concept | https://github.com/dapr/dapr/security/advisories/GHSA-59m6-82qm-vqgj...