Lucene search
K

27 matches found

Zero Day Initiative
Zero Day Initiative
added 2025/12/10 12:0 a.m.4 views

(0Day) Microsoft ASP.NET SOAP Execution Restriction Bypass Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft ASP.NET. Authentication may be required to exploit this vulnerability depending upon configuration. Additionally, specific configuration is required. The specific flaw exists within the...

5CVSS7.8AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-4008

Malware in sbrugna...

6.5CVSS6.4AI score0.01151EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-8058

Malware in sbrugna...

9.8CVSS9.2AI score0.36627EPSS
Exploits5References4
RedhatCVE
RedhatCVE
added 2025/06/01 12:35 p.m.12 views

CVE-2025-2500

A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain unauthorized access to the product and the time window of a possible password attack could be expanded...

9.1CVSS7.1AI score0.00335EPSS
Exploits0References1
NVD
NVD
added 2025/05/30 1:15 p.m.31 views

CVE-2025-2500

A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain unauthorized access to the product and the time window of a possible password attack could be expanded...

9.1CVSS0.00335EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/30 12:29 p.m.29 views

CVE-2025-2500

A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain unauthorized access to the product and the time window of a possible password attack could be expanded...

9.1CVSS0.00335EPSS
Exploits0References1
CVE
CVE
added 2025/05/30 12:29 p.m.50 views

CVE-2025-2500

CVE-2025-2500 affects Hitachi Energy Asset Suite SOAP Web services. Public documentation indicates a vulnerability in SOAP-based interfaces that could allow an attacker to gain unauthorized access and potentially extend the window for password attacks. Reported CVSS data (3.1: High, 7.4; 4.0: Cri...

9.1CVSS7.5AI score0.00335EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/30 12:29 p.m.7 views

CVE-2025-2500

A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain unauthorized access to the product and the time window of a possible password attack could be expanded...

9.1CVSS7.1AI score0.00335EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/30 12:0 a.m.6 views

PT-2025-23284 · Unknown · Asset Suite

Name of the Vulnerable Software and Affected Versions: Asset Suite versions affected versions not specified Description: A vulnerability exists in the SOAP Web services, allowing an attacker to gain unauthorized access to the product if successfully exploited. This could also expand the time wind...

9.1CVSS7.5AI score0.00335EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 10:40 p.m.9 views

CVE-2022-28213

When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS...

8.1CVSS7AI score0.12476EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:53 p.m.1 views

CVE-2021-31600

An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. They implement a series of web services using the SOAP protocol to allow scripting interaction with the backend server. An authenticated user regardless of privileges can list all...

4.3CVSS6AI score0.00951EPSS
Exploits3References1
Rockylinux
Rockylinux
added 2022/04/26 1:50 p.m.21 views

python-suds bug fix and enhancement update

An update is available for python-suds. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The suds project is a python soap web services client lib. Suds leverages...

1.3AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2022/04/12 5:15 p.m.3 views

CVE-2022-28213

When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS...

8.1CVSS7.2AI score0.12476EPSS
Exploits4References4Affected Software1
OSV
OSV
added 2022/04/12 5:15 p.m.5 views

CVE-2022-28213

When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS...

8.1CVSS7.4AI score0.12476EPSS
Exploits4References3
Prion
Prion
added 2022/04/12 5:15 p.m.19 views

Code injection

When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS...

5.5CVSS8.1AI score0.12476EPSS
Exploits4References3Affected Software1
EUVD
EUVD
added 2022/04/12 4:11 p.m.4 views

EUVD-2022-32667

When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS...

8.1CVSS8.1AI score0.12476EPSS
Exploits4References4
Positive Technologies
Positive Technologies
added 2022/04/12 12:0 a.m.2 views

PT-2022-18878 · Sap · Sap Businessobjects Business Intelligence Platform

Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence Platform versions 420, 430 Description: The issue arises when a user accesses SOAP Web services, and the system fails to sufficiently validate the XML document accepted from an untrusted source. This...

8.1CVSS7.9AI score0.12476EPSS
Exploits4References6
OSV
OSV
added 2021/11/08 4:15 a.m.3 views

CVE-2021-31601

An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. They implement a series of web services using the SOAP protocol to allow scripting interaction with the backend server. An authenticated user regardless of privileges can list all...

6.5CVSS5.8AI score0.01307EPSS
Exploits3References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/10/02 7:35 p.m.14 views

Security Bulletin: Financial Transaction Manager for Corporate Payment Services for Multi-Platform is affected by a potential SQL Injection vulnerability CVE-2018-1819

Summary Financial Transaction Manager for Corporate Payment Services for Multi-Platform FTM CPS has addressed the following vulnerability: Potential SQL Injection CVE-2018-1819 Vulnerability Details CVEID: CVE-2018-1819 DESCRIPTION: IBM Financial Transaction Manager for Digital Payments for...

8.8CVSS1AI score0.01659EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2018/02/07 12:0 a.m.35 views

Debian: Security Advisory (DLA-1036-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS8.2AI score0.21894EPSS
Exploits2References3
Rows per page
Query Builder