CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/04/15 7:23 a.m.•1 views

CVE-2026-27674

Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java Web Dynpro Java, an unauthenticated attacker could supply crafted input that is interpreted by the application and causes it to reference attacker-controlled content. If a victim accesses the affected functionality, th...

NVD•added 2026/04/14 12:16 a.m.•0 views

Exploits0References1

CVE-2026-27674

6.1CVSS0.00084EPSS

CVE•added 2026/04/14 12:6 a.m.•4 views

CVE-2026-27674

An unauthenticated code injection flaw in SAP NetWeaver Application Server Java (Web Dynpro Java) could allow a crafted input to cause the application to reference attacker‑controlled content, leading to execution of client‑side code in the victim’s browser and potential session compromise. Affec...

Exploits0References2Affected Software1

Cvelist•added 2026/04/14 12:6 a.m.•22 views

CVE-2026-27674 Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java)

6.1CVSS0.00084EPSS

EUVD•added 2026/04/14 12:6 a.m.•1 views

EUVD-2026-22146

ATTACKERKB•added 2026/04/14 12:6 a.m.•0 views

CVE-2026-27674

Vulnrichment•added 2026/04/14 12:6 a.m.•0 views

CVE-2026-27674 Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java)

Positive Technologies•added 2026/04/14 12:0 a.m.•1 views

PT-2026-32554

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-19354

Malware in sbrugna...

8.8CVSS6.9AI score0.00265EPSS

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2007-3481

Malware in sbrugna...

4.3CVSS6.4AI score0.00586EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-19355

Malware in sbrugna...

8.8CVSS6AI score0.00383EPSS

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-20341

Malware in sbrugna...

5.4CVSS5.9AI score0.00237EPSS

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2008-2416

Malware in sbrugna...

4.3CVSS6.4AI score0.07699EPSS

Exploits1References7

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2021-8752

Malicious code in bioql PyPI...

6.1CVSS5.4AI score0.00169EPSS

RedhatCVE•added 2025/05/22 7:10 p.m.•2 views

CVE-2021-21478

SAP Web Dynpro ABAP allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities...

6.1CVSS6.7AI score0.00169EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 5:29 p.m.•1 views

CVE-2020-6240

SAP NetWeaver AS ABAP Web Dynpro ABAP, versions SAPUI 750, 752, 753, 754 and SAPBASIS 700, 710, 730, 731, 804 allows an unauthenticated attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service leading to Denial of Service...

7.5CVSS6.9AI score0.01437EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:34 p.m.•4 views

CVE-2020-26819

SAP NetWeaver AS ABAP Web Dynpro, versions - 731, 740, 750, 751, 752, 753, 754, 755, 782, allows an authenticated user to access Web Dynpro components, that allows them to read and delete database logfiles because of Improper Access Control...

8.8CVSS6.6AI score0.00383EPSS

Exploits0

RedhatCVE•added 2025/05/22 3:23 p.m.•3 views

CVE-2020-26818

SAP NetWeaver AS ABAP Web Dynpro, versions - 731, 740, 750, 751, 752, 753, 754, 755, 782, allows an authenticated user to access Web Dynpro components, which reveals sensitive system information that would otherwise be restricted to highly privileged users because of missing authorization,...

8.8CVSS6.3AI score0.00265EPSS

Exploits0

OSV•added 2021/06/09 2:15 p.m.•0 views

CVE-2021-33664

SAP NetWeaver Application Server ABAP Applications based on Web Dynpro ABAP, versions - SAPUI - 750,752,753,754,755, SAPBASIS - 702, 731 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

5.4CVSS7.3AI score0.00237EPSS