CVE-2026-40133

Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table records, resulting in low impact on the confidentiality and integrity of the data. Additionally, this vulnerability may prevent the...

CVE-2026-40133 Missing Authorization check in SAP S/4HANA Condition Maintenance

Due to missing authorization check in SAP S/4HANA Condition Maintenance, an authenticated attacker could gain unauthorized access to view and modify condition table records, resulting in low impact on the confidentiality and integrity of the data. Additionally, this vulnerability may prevent the...

CVE-2025-4208

The NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress is vulnerable to Limited Code Execution in all versions up to, and including, 8.9.1 via the gettablerecords function. This is due to the unsanitized use of user-supplied input in calluserfunc. This makes it...

WordPress plugin NEX-Forms 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code injection...

PT-2024-16599 · WordPress · Nex-Forms

Name of the Vulnerable Software and Affected Versions: NEX-Forms – Ultimate Form Builder – Contact forms and much more plugin for WordPress versions up to 8.7.13 Description: The issue arises from insufficient escaping on the user-supplied search params parameter and a lack of sufficient...

The vulnerability of the OpenOffice office suite arises from integer overflows that occur during the creation of records in the document table. This allows attackers to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the OpenOffice office suite is related to a potential overflow condition. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its integrity, and even cause service failures due to the records created by the attack...

Cross-site Request Forgery (CSRF)

phpmyadmin/phpmyadmin is vulnerable to cross-site request forgery CSRF attacks. The vulnerability exists as sensitive actions that allows modification of table records was possible through GET requests, allowing CSRF attacks to be executed...

Microsoft Excel Biff Record PtgName Entries Code Execution (MS10-080) - Ver2 (CVE-2010-3235)

Microsoft Excel is a popular spreadsheet application. A memory corruption vulnerability has been identified in Microsoft Excel. The vulnerability is due to an error in Microsoft Office Excel that fails to properly validate formula information upon opening a specially crafted Excel file. A remote...

Microsoft Excel Corrupted Table Records Code Execution (MS10-080) - Ver2 (CVE-2010-3232)

Microsoft Excel is a popular spreadsheet application. A remote attacker could exploit this issue via a malformed Excel file. Successful exploitation of this vulnerability may allow execution of arbitrary code on a target system. A memory corruption vulnerability has been identified in Microsoft...

OpenOffice.org Word document Integer Underflow

Integer underflow in OpenOffice.org OOo before 3.1.1 and StarOffice/StarSuite 7, 8, and 9 might allow remote attackers to execute arbitrary code via crafted records in the document table of a Word document, leading to a heap-based buffer overflow...