VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-04-08
CVE-2025-30013
SAP ERP BW Business Content is vulnerable to OS Command Injection through certain function modules.
local
low complexity
CWE-94
6.7
6.7
2025-04-08
CVE-2025-30014
SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path validation.
network
low complexity
CWE-35
7.7
7.7
2025-04-08
CVE-2025-30015
Due to incorrect memory address handling in ABAP SQL of SAP NetWeaver and ABAP Platform (Application Server ABAP), an authenticated attacker with high privileges could execute certain forms of SQL queries leading to manipulation of content in the output variable.
network
high complexity
CWE-787
4.1
4.1
2025-04-08
CVE-2025-30016
SAP Financial Consolidation allows an unauthenticated attacker to gain unauthorized access to the Admin account.
network
low complexity
CWE-921
critical
9.8
9.8
2025-04-08
CVE-2025-30017
Due to a missing authorization check, an authenticated attacker could upload a file as a template for solution documentation in SAP Solution Manager 7.1.
local
low complexity
CWE-862
4.4
4.4
2025-04-08
CVE-2025-31330
SAP Landscape Transformation (SLT) allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC.
network
low complexity
CWE-94
critical
9.9
9.9
2025-04-08
CVE-2025-31331
SAP NetWeaver allows an attacker to bypass authorization checks, enabling them to view portions of ABAP code that would normally require additional validation.
network
low complexity
CWE-863
4.3
4.3
2025-04-08
CVE-2025-31332
Due to insecure file permissions in SAP BusinessObjects Business Intelligence Platform, an attacker who has local access to the system could modify files potentially disrupting operations or cause service downtime hence leading to a high impact on integrity and availability.
local
low complexity
CWE-277
6.6
6.6
2025-04-08
CVE-2025-31333
SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application.
network
low complexity
CWE-472
4.3
4.3
2025-04-08
CVE-2025-3431
The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 6.91 via the 'dzsap_download' action.
network
low complexity
CWE-73
7.5
7.5
«
Previous
1
2
...
19
20
21
(current)
22
23
...
16818
16819
»
Next