Export limit exceeded: 344374 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344374 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-0512 | 2026-04-14 | 6.1 Medium | ||
| Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management (SICF Handler in SRM Catalog), an unauthenticated attacker could craft a malicious URL, that if accessed by a victim, results in execution of malicious content within the victim's browser. This could allow the attacker to access and modify information, impacting the confidentiality and integrity of the application, while availability remains unaffected. | ||||
| CVE-2026-24318 | 2026-04-14 | 4.2 Medium | ||
| Due to an Insecure session management vulnerability in SAP Business Objects Business Intelligence Platform, an unauthenticated attacker could obtain valid session tokens and reuse them to gain unauthorized access to a victim�s session. If the application continues to accept previously issued tokens after authentication, the attacker could assume the victim�s authenticated context. This could allow the attacker to access or modify information within the victim�s session scope, impacting confidentiality and integrity, while availability remains unaffected. | ||||
| CVE-2026-27672 | 2026-04-14 | 4.3 Medium | ||
| The Material Master application does not enforce authorization checks for authenticated users when executing reports, resulting in the disclosure of sensitive information. This vulnerability has a low impact on confidentiality and does not affect integrity and availability of the system. | ||||
| CVE-2026-27673 | 2026-04-14 | 4.9 Medium | ||
| Due to a missing authorization check, SAP S/4HANA (Private Cloud and On-Premise) allows an authenticated user to delete files on the operating system and gain unauthorized control over file operations which could leads to no impact on Confidentiality, Low impact on Integrity and Availability of the application. | ||||
| CVE-2026-27674 | 2026-04-14 | 6.1 Medium | ||
| Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java), an unauthenticated attacker could supply crafted input that is interpreted by the application and causes it to reference attacker-controlled content. If a victim accesses the affected functionality, that attacker-controlled content could be executed in the victim�s browser, potentially resulting in session compromise. This could allow the attacker to execute arbitrary client-side code, impacting the confidentiality and integrity of the application, with no impact to availability. | ||||
| CVE-2026-27675 | 2026-04-14 | 2 Low | ||
| SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could allow a high privileged adversary to inject arbitrary ABAP code and operating system commands. Due to this, some information could be modified, but the attacker does not have control over kind or degree. This leads to a low impact on integrity, while confidentiality and availability are not impacted. | ||||
| CVE-2026-27676 | 2026-04-14 | 4.3 Medium | ||
| Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Technical Object Structures), an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability results in a low impact on integrity, while confidentiality and availability are not impacted. | ||||
| CVE-2026-27677 | 2026-04-14 | 6.5 Medium | ||
| Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Reference Equipment), an attacker could update and delete child entities via OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not impacted. | ||||
| CVE-2026-27678 | 2026-04-14 | 6.5 Medium | ||
| Due to missing authorization checks in the SAP S/4HANA backend OData Service (Manage Reference Structures), an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not impacted. | ||||
| CVE-2026-27679 | 2026-04-14 | 6.5 Medium | ||
| Due to missing authorization checks in the SAP S/4HANA frontend OData Service (Manage Reference Structures), an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not impacted. | ||||
| CVE-2026-27681 | 2026-04-14 | 9.9 Critical | ||
| Due to insufficient authorization checks in SAP Business Planning and Consolidation and SAP Business Warehouse, an authenticated user can execute crafted SQL statements to read, modify, and delete database data. This leads to a high impact on the confidentiality, integrity, and availability of the system. | ||||
| CVE-2026-27683 | 2026-04-14 | 4.1 Medium | ||
| SAP BusinessObjects Business Intelligence application allows an authenticated attacker to inject malicious JavaScript payloads through crafted URLs. When a victim accesses the URL, the script executes in the user�s browser, potentially exposing restricted information. This results in a low impact on confidentiality with no impact on integrity and availability. | ||||
| CVE-2026-34256 | 2026-04-14 | 7.1 High | ||
| Due to a missing authorization check in SAP ERP and SAP S/4HANA (Private Cloud and On-Premise), an authenticated attacker could execute a particular ABAP report to overwrite any existing eight?character executable ABAP report without authorization. If the overwritten report is subsequently executed, the intended functionality could become unavailable. Successful exploitation impacts availability, with a limited impact on integrity confined to the affected report, while confidentiality remains unaffected. | ||||
| CVE-2026-34257 | 2026-04-14 | 6.1 Medium | ||
| Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the application with no impact on availability. | ||||
| CVE-2026-34261 | 2026-04-14 | 6.5 Medium | ||
| Due to a missing authorization check in SAP Business Analytics and SAP Content Management, an authenticated user could make unauthorized calls to certain remote function modules, potentially accessing sensitive information beyond their intended permissions. This vulnerability affects confidentiality, with no impact on integrity and availability. | ||||
| CVE-2026-34262 | 2026-04-14 | 5 Medium | ||
| Information Disclosure Vulnerability in SAP HANA Cockpit and HANA Database Explorer | ||||
| CVE-2026-34264 | 2026-04-14 | 6.5 Medium | ||
| During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to this, an authenticated user with low privileges could guess and enumerate the content shown, beyond their authorized scope. This leads to disclosure of sensitive information causing a high impact on confidentiality, while integrity and availability are unaffected. | ||||
| CVE-2026-6264 | 1 Talend | 2 Esb Runtime, Jobserver | 2026-04-14 | 9.8 Critical |
| A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via the JMX monitoring port. The attack vector is the JMX monitoring port of the Talend JobServer. The vulnerability can be mitigated for the Talend JobServer by requiring TLS client authentication for the monitoring port; however, the patch must be applied for full mitigation. For Talend ESB Runtime, the vulnerability can be mitigated by disabling the JobServer JMX monitoring port, which is disabled by default from the R2024-07-RT patch. | ||||
| CVE-2025-13822 | 2026-04-14 | N/A | ||
| MCPHub in versions below 0.11.0 is vulnerable to authentication bypass. Some endpoints are not protected by authentication middleware, allowing an unauthenticated attacker to perform actions in the name of other users and using their privileges. | ||||
| CVE-2026-2332 | 2026-04-14 | 7.4 High | ||
| In Eclipse Jetty, the HTTP/1.1 parser is vulnerable to request smuggling when chunk extensions are used, similar to the "funky chunks" techniques outlined here: * https://w4ke.info/2025/06/18/funky-chunks.html * https://w4ke.info/2025/10/29/funky-chunks-2.html Jetty terminates chunk extension parsing at \r\n inside quoted strings instead of treating this as an error. POST / HTTP/1.1 Host: localhost Transfer-Encoding: chunked 1;ext="val X 0 GET /smuggled HTTP/1.1 ... Note how the chunk extension does not close the double quotes, and it is able to inject a smuggled request. | ||||