| Page(s) : 1 ... 256 257 258 259 260 261 262 263 264 265 [266] 267 268 269 270 271 272 273 274 275 276 ... | Result(s) : 324598 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 7.8 | 2025-05-13 | CVE-2025-43547 | cve | Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the cu... |
| 7.8 | 2025-05-13 | CVE-2025-43546 | cve | Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Integer Underflow (Wrap or Wraparound) vulnerability that could result in arbitrary code execution in the context o... |
| 7.8 | 2025-05-13 | CVE-2025-43545 | cve | Bridge versions 15.0.3, 14.1.6 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the c... |
| 4.3 | 2025-05-13 | CVE-2025-4339 | cve | The TheGem theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajaxApi() function in all versions up to, and includin... |
| 8.8 | 2025-05-13 | CVE-2025-4317 | cve | The TheGem theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the thegem_get_logo_url() function in all versions up to, and inclu... |
| 7.7 | 2025-05-13 | CVE-2025-43011 | cve | Under certain conditions, SAP Landscape Transformation's PCL Basis module does not perform the necessary authorization checks, allowing authenticated users to access restri... |
| 8.3 | 2025-05-13 | CVE-2025-43010 | cve | SAP S/4HANA Cloud Private Edition or on Premise (SCM Master Data Layer (MDL)) allows an authenticated attacker with SAP standard authorization to execute a certain function modu... |
| 6.3 | 2025-05-13 | CVE-2025-43009 | cve | SAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on... |
| 5.8 | 2025-05-13 | CVE-2025-43008 | cve | Due to missing authorization check, an unauthorized user can view the files of other company. This might lead to disclosure of personal data of employees. There is no impact on ... |
| 6.3 | 2025-05-13 | CVE-2025-43007 | cve | SAP Service Parts Management (SPM) does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has low impact on... |
| 6.1 | 2025-05-13 | CVE-2025-43006 | cve | SAP Supplier Relationship Management (Master Data Management Catalogue) allows an unauthenticated attacker to execute malicious scripts in the application, potentially leading t... |
| 4.3 | 2025-05-13 | CVE-2025-43005 | cve | SAP GUI for Windows allows an unauthenticated attacker to exploit insecure obfuscation algorithms used by the GuiXT application to store user credentials. While this issue does ... |
| 5.3 | 2025-05-13 | CVE-2025-43004 | cve | Due to a security misconfiguration vulnerability, customers can develop Production Operator Dashboards (PODs) that enable outside users to access customer data when they access ... |
| 6.4 | 2025-05-13 | CVE-2025-43003 | cve | SAP S/4 HANA allows an authenticated attacker with user privileges to configure a field not intended for their access and create a custom UI layout displaying this field. On per... |
| 4.3 | 2025-05-13 | CVE-2025-43002 | cve | SAP S4CORE OData meta-data property allows an authenticated attacker to access restricted information due to missing authorization check. This could cause a low impact on confid... |
| 7.9 | 2025-05-13 | CVE-2025-43000 | cve | Under certain conditions Promotion Management Wizard (PMW) allows an attacker to access information which would otherwise be restricted.This has High impact on Confidentiality w... |
| N/A | 2025-05-13 | CVE-2025-42999 | cve | SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead t... |
| 6.6 | 2025-05-13 | CVE-2025-42997 | cve | Under certain conditions, SAP Gateway Client allows a high-privileged user to access restricted information beyond the scope of the application. Due to the possibility of influe... |
| 8.6 | 2025-05-13 | CVE-2025-41645 | cve | An unauthenticated remote attacker could use a demo account of the portal to hijack devices that were created in that account by mistake. |
| N/A | 2025-05-13 | CVE-2025-40628 | cve | SQL injection vulnerability in DomainsPRO 1.2. This vulnerability could allow an attacker to retrieve, create, update and delete databases via the ādā parameter in the ā/article... |
| Page(s) : 1 ... 256 257 258 259 260 261 262 263 264 265 [266] 267 268 269 270 271 272 273 274 275 276 ... | Result(s) : 324598 |
