VUMETRIC
CYBER PORTAL
Dashboard
Security News
Latest Vulnerabilities
Browse Vulnerabilities
by Vendors
by Products
by Categories
Weekly Reports
Vulnerabilities
Exclude new CVEs:
DATE
CVE
VULNERABILITY TITLE
RISK
2025-02-11
CVE-2025-1170
Cross-site Scripting vulnerability in Fabian Real Estate Property Management System 1.0
A vulnerability classified as problematic has been found in code-projects Real Estate Property Management System 1.0.
network
low complexity
fabian
CWE-79
5.4
5.4
2025-02-11
CVE-2025-1168
Injection vulnerability in Rems Contact Manager With Export to VCF 1.0
A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0.
network
low complexity
rems
CWE-74
critical
9.8
9.8
2025-02-11
CVE-2025-23189
Due to missing authorization check in an RFC enabled function module in transaction SDCCN, an authenticated attacker could generate technical meta-data.
network
low complexity
CWE-862
4.3
4.3
2025-02-11
CVE-2025-23190
Due to missing authorization check, an authenticated attacker could call a remote-enabled function module which allows them to access data that they would otherwise not have access to.
network
low complexity
CWE-862
4.3
4.3
2025-02-11
CVE-2025-23191
Cached values belonging to the SAP OData endpoint in SAP Fiori for SAP ERP could be poisoned by modifying the Host header value in an HTTP GET request.
network
high complexity
CWE-644
3.1
3.1
2025-02-11
CVE-2025-23193
SAP NetWeaver Server ABAP allows an unauthenticated attacker to exploit a vulnerability that causes the server to respond differently based on the existence of a specified user, potentially revealing sensitive information.
network
low complexity
CWE-204
5.3
5.3
2025-02-11
CVE-2025-24867
SAP BusinessObjects Platform (BI Launchpad) does not sufficiently handle user input, resulting in Cross-Site Scripting (XSS) vulnerability.
network
low complexity
CWE-79
6.1
6.1
2025-02-11
CVE-2025-24868
The User Account and Authentication service (UAA) for SAP HANA extended application services, advanced model (SAP HANA XS advanced model) allows an unauthenticated attacker to craft a malicious link, that, when clicked by a victim, redirects the browser to a malicious site due to insufficient redirect URL validation.
network
low complexity
CWE-601
7.1
7.1
2025-02-10
CVE-2025-1160
Unspecified vulnerability in Remyandrade Employee Management System 1.0
A vulnerability was found in SourceCodester Employee Management System 1.0.
network
low complexity
remyandrade
critical
9.8
9.8
2025-02-10
CVE-2025-1158
A vulnerability was found in ESAFENET CDG 5.6.3.154.205_20250114.
network
low complexity
CWE-74
6.3
6.3
«
Previous
1
2
...
82
83
84
(current)
85
86
...
16466
16467
»
Next