13686 matches found
CVE-2025-42887
Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. This could provide the attacker with full control of the system hence leading to high impact on confidentiality, integrity and availabilit...
CVE-2025-42887
Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. This could provide the attacker with full control of the system hence leading to high impact on confidentiality, integrity and availabilit...
CVE-2025-42889
SAP Starter Solution allows an authenticated attacker to execute crafted database queries, thereby exposing the back-end database. As a result, this vulnerability has a low impact on the application's confidentiality and integrity but no impact on its availability...
CVE-2025-42889
CVE-2025-42889 affects SAP Starter Solution. An authenticated attacker can execute crafted database queries, exposing the back-end database. Impact is described as low for confidentiality and integrity, with no availability impact. Multiple connected sources (NVD/Red Hat/NCSc/CVE listing) confirm...
CVE-2025-42889 SQL Injection vulnerability in SAP Starter Solution (PL SAFT)
SAP Starter Solution allows an authenticated attacker to execute crafted database queries, thereby exposing the back-end database. As a result, this vulnerability has a low impact on the application's confidentiality and integrity but no impact on its availability...
CVE-2025-42889 SQL Injection vulnerability in SAP Starter Solution (PL SAFT)
SAP Starter Solution allows an authenticated attacker to execute crafted database queries, thereby exposing the back-end database. As a result, this vulnerability has a low impact on the application's confidentiality and integrity but no impact on its availability...
CVE-2025-42887 Code Injection vulnerability in SAP Solution Manager
Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. This could provide the attacker with full control of the system hence leading to high impact on confidentiality, integrity and availabilit...
CVE-2025-42887
CVE-2025-42887 affects SAP Solution Manager. The vulnerability is a code-injection flaw caused by missing input sanitization when an authenticated user calls a remote-enabled function module, potentially allowing full system compromise with high impact to confidentiality, integrity, and availabil...
CVE-2025-42887 Code Injection vulnerability in SAP Solution Manager
Due to missing input sanitation, SAP Solution Manager allows an authenticated attacker to insert malicious code when calling a remote-enabled function module. This could provide the attacker with full control of the system hence leading to high impact on confidentiality, integrity and availabilit...
PT-2025-46228
Name of the Vulnerable Software and Affected Versions SAP Solution Manager affected versions not specified Description SAP Solution Manager is susceptible to a code injection issue stemming from inadequate input sanitization. An authenticated attacker can inject malicious code by calling a...
SAP Solution Manager 代码注入漏洞
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...
PT-2025-46230
Name of the Vulnerable Software and Affected Versions SAP Starter Solution affected versions not specified Description SAP Starter Solution allows an authenticated attacker to execute crafted database queries, potentially exposing the back-end database. This can impact the confidentiality and...
PT-2025-45250
Path Traversal: '.../...//' vulnerability in Dmitry V. CEO of "UKR Solution" Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Path Traversal.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through =...
Dell Unity OS Command Injection Vulnerability (CNVD-2025-27583)
Dell Unity is a mid-range storage solution from Dell that supports file storage, block storage, and a variety of data services features designed to meet the needs of organizations for flexibility, cost-effectiveness, and simplicity. Dell Unity suffers from an operating system command injection...
Dell Unity OS Command Injection Vulnerability (CNVD-2025-27585)
Dell Unity is a mid-range storage solution from Dell that supports file storage, block storage, and a variety of data services features designed to meet the needs of organizations for flexibility, cost-effectiveness, and simplicity. Dell Unity suffers from an operating system command injection...
Security Bulletin: Multiple vulnerabilities in IBM DevOps Solution Workbench
Summary Multiple vulnerabilities were addressed in IBM DevOps Solution Workbench version 5.1. Vulnerability Details CVEID:CVE-2025-46701 DESCRIPTION: Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that...
Nagios XI 安全漏洞
Nagios XI is a suite of IT infrastructure monitoring solutions from US-based Nagios. The solution supports monitoring and alerting of applications, services, operating systems, and more. A security vulnerability exists in Nagios XI versions prior to 2024R1.2, which stems from insufficient...
Nagios Network Analyzer 安全漏洞
Nagios Network Analyzer is an enterprise solution for monitoring and analyzing network traffic from Nagios, Inc. A security vulnerability exists in Nagios Network Analyzer versions prior to 2024R1 that stems from insufficient validation of user input in the Percentile Calculator menu, which could...
CVE-2025-60983
Reflected Cross Site Scripting vulnerability in Rubikon Banking Solution 4.0.3 in the "Search For Customers Information" endpoints...
EUVD-2025-36219
Reflected Cross Site Scripting vulnerability in Rubikon Banking Solution 4.0.3 in the "Search For Customers Information" endpoints...