27969 matches found
CVE-2026-44743
Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information .This has a low impact on the confidentiality of the data. There is no impact on integrity and availability of the application...
CVE-2026-44744 SQL Injection vulnerability in SAP S/4HANA
SAP S/4HANAOn-Premise contains SQL injection vulnerability in a remote-enabled function module component that could be exploited by an authenticated attacker to potentially execute unauthorized database queries.This flaw exposes sensitive information to which they should not otherwise have access...
CVE-2026-44744
SAP S/4HANAOn-Premise contains SQL injection vulnerability in a remote-enabled function module component that could be exploited by an authenticated attacker to potentially execute unauthorized database queries.This flaw exposes sensitive information to which they should not otherwise have access...
EUVD-2026-35281
SAP S/4HANAOn-Premise contains SQL injection vulnerability in a remote-enabled function module component that could be exploited by an authenticated attacker to potentially execute unauthorized database queries.This flaw exposes sensitive information to which they should not otherwise have access...
CVE-2026-44743
CVE-2026-44743 involves SAP Business Objects. Under certain conditions, an unauthorized actor accessing a specific endpoint can leak sensitive information. Impact is described as LOW for confidentiality, with no impact on integrity or availability. The CVSS 3.1 vector is AV:N/AC:H/PR:N/UI:N/S:U/C...
PT-2026-47532
SAP S/4HANAOn-Premise contains SQL injection vulnerability in a remote-enabled function module component that could be exploited by an authenticated attacker to potentially execute unauthorized database queries.This flaw exposes sensitive information to which they should not otherwise have access...
PT-2026-47772
Apptha Slider Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the albid parameter. Attackers can send GET requests with crafted SQL payloads in the albid parameter to extract sensitive...
SAP Business Objects 安全漏洞
SAP Business Objects is a business intelligence suite developed by the German company SAP. There is a security vulnerability in SAP Business Objects, which allows unauthorized attackers to access certain endpoints and thereby disclose sensitive information...
PT-2026-48021
Name of the Vulnerable Software and Affected Versions Visual Studio Code versions prior to 1.123.1 Description Exposure of sensitive information to an unauthorized actor allows an attacker to disclose information over a network. Recommendations Update to version 1.123.1 or later...
WordPress plugin PICA Photo Gallery SQL注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
Insertion of Sensitive Information into Log File
Overview Affected versions of this package are vulnerable to Insertion of Sensitive Information into Log File in the INFO level logging when chaincode is deployed in chaincode-as-a-service mode with TLS enabled. An attacker can obtain sensitive information TLS private key by accessing the server...
WordPress Affiliates Manager plugin <= 2.9.50 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by dodoh4t in WordPress Plugin Affiliates Manager versions = 2.9.50...
WordPress Conekta Payment Gateway plugin <= 6.0.0 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by dodoh4t in WordPress Plugin Conekta Payment Gateway versions = 6.0.0...
WordPress GetPaid plugin <= 2.8.49 - Sensitive Data Exposure vulnerability
Sensitive Data Exposure vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin GetPaid versions = 2.8.49...
CVE-2026-8502
The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.6 via the 'returntype' parameter. This makes it possible for unauthenticated attackers to extract sensitive data...
CVE-2026-7566
The LearnPress – Backup & Migration Tool plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.1.4 via deserialization of untrusted input . This makes it possible for authenticated attackers, with administrator-level access and above, to inject a PHP...
CVE-2026-21035
Improper input validation in Samsung Plus TV prior to version 1.0.28.6 allows remote attackers to access sensitive information...
CVE-2026-21028
Improper access control in AuditLogService prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information...
CVE-2026-21025
Incorrect privilege assignment in Telephony prior to SMR Jun-2026 Release 1 allows local attackers to access sensitive information...
CVE-2026-8502
The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.6 via the 'returntype' parameter. This makes it possible for unauthenticated attackers to extract sensitive data...