25 matches found
CVE-2026-44743
Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information .This has a low impact on the confidentiality of the data. There is no impact on integrity and availability of the application...
CVE-2026-44743
Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information .This has a low impact on the confidentiality of the data. There is no impact on integrity and availability of the application...
EUVD-2026-35280
Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information .This has a low impact on the confidentiality of the data. There is no impact on integrity and availability of the application...
PT-2026-47531
Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information .This has a low impact on the confidentiality of the data. There is no impact on integrity and availability of the application...
CVE-2023-5872
In Wago Smart Designer in versions up to 2.33.1 a low privileged remote attacker may enumerate projects and usernames through iterative requests to an specific endpoint...
CVE-2023-5872 Wago: Vulnerability in Smart Designer Web-Application
In Wago Smart Designer in versions up to 2.33.1 a low privileged remote attacker may enumerate projects and usernames through iterative requests to an specific endpoint...
PT-2026-33255
In Wago Smart Designer in versions up to 2.33.1 a low privileged remote attacker may enumerate projects and usernames through iterative requests to an specific endpoint...
EUVD-2025-209199
HiOS Switch Platform contains a denial-of-service vulnerability in the web interface that allows remote attackers to reboot the affected device by sending a malicious HTTP GET request to a specific endpoint. Attackers can trigger an uncontrolled reboot condition through crafted HTTP requests to...
CVE-2025-62346 HCL Glovius Cloud is susceptible to a Cross-Site Request Forgery (CSRF) vulnerability
A Cross-Site Request Forgery CSRF vulnerability was identified in HCL Glovius Cloud. An attacker can force a user's web browser to execute an unwanted, malicious action on a trusted site where the user is authenticated, specifically on one endpoint...
CVE-2025-36121 HTML Injection Vulnerability in a Specific URL Endpoint of the IBM OpenPages Application
IBM OpenPages 9.1 and 9.0 is vulnerable to HTML injection. A remotely authenticated attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site...
EUVD-2025-27736
Malicious code in bioql PyPI...
EUVD-2023-38324
Malicious code in bioql PyPI...
EUVD-2024-36556
Malicious code in bioql PyPI...
CVE-2025-27714
An attacker could exploit this vulnerability by uploading arbitrary files via the a specific endpoint, leading to unauthorized remote code execution or system compromise...
CVE-2025-27714 INFINITT Healthcare INFINITT PACS Unrestricted Upload of File with Dangerous Type
An attacker could exploit this vulnerability by uploading arbitrary files via the a specific endpoint, leading to unauthorized remote code execution or system compromise...
CVE-2025-27714
CVE-2025-27714 affects INFINITT PACS System Manager. The vulnerability arises from a flaw that allows uploading arbitrary files via a specific endpoint, which could lead to unauthorized remote code execution or system compromise. Public references consistently describe this as an arbitrary file u...
PT-2025-34276 · Infinitt Healthcare · Infinitt Pacs System Manager
Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. affected versions not specified Description: An attacker could exploit this vulnerability by uploading arbitrary files via a specific endpoint, potentially leading to unauthorized remote code execution o...
SUSE CVE-2024-37281
An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to crash by sending a large number of maliciously crafted requests to a specific endpoint...
CVE-2024-37281
An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to crash by sending a large number of maliciously crafted requests to a specific endpoint...
Elastic Kibana 资源管理错误漏洞
Elastic Kibana is an available data visualization dashboard software from Elastic. A resource management error vulnerability exists in Kibana. An attacker exploits this vulnerability to send a large number of maliciously crafted requests to a specific endpoint, which can cause a Kibana instance t...