CVE-2026-0502

The CVE-2026-0502 entry concerns SAP BusinessObjects Business Intelligence Platform with a CSRF protection flaw. An authenticated user can be tricked into sending unintended requests to the web server, leading to low impact on integrity and availability and no confidentiality impact. Public detai...

EUVD-2007-3425

Malware in sbrugna...

CVE-2024-10207 Server-Side Request Forgery (authenticated) in APROL Web Portal

A Server-Side Request Forgery vulnerability in the APROL Web Portal used in B&R APROL 4.4-00P5 may allow an authenticated network-based attacker to force the web server to request arbitrary URLs...

Schneider Electric Modicon M580 安全漏洞

The Schneider Electric Modicon M580 is a programmable automation controller from Schneider Electric France. A security vulnerability exists in the Schneider Electric Modicon M580 that stems from the inclusion of a buffer size miscalculation vulnerability that could result in a denial of service o...

Null pointer dereference

In the CODESYS V2 web server prior to V1.1.9.22 crafted web server requests may cause a Null pointer dereference in the CODESYS web server and may result in a denial-of-service condition...

Security Update For Exchange Server 2013 CU9 (KB3087126)

This security update resolves a vulnerability in Microsoft Exchange Server. The vulnerability could allow information disclosure if Outlook Web Access OWA fails to properly handle web server requests...