Common Vulnerabilities and Exposures (CVE)

CVE-2025-69644

Mar 10, 2026 02:31:00 UTC

An issue was discovered in Binutils before 2.46. The objdump contains a denial-of-service vulnerability when processing a crafted binary with malformed debug information. A logic flaw in the handling of DWARF location list headers can cause...

CVE-2026-1919

Mar 10, 2026 02:21:49 UTC

The Booking Calendar for Appointments and Service Businesses – Booktics plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on multiple REST API endpoints in all versions up to, and including,...

CVE-2026-1920

Mar 10, 2026 02:21:49 UTC

The Booking Calendar for Appointments and Service Businesses – Booktics plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'Extension_Controller::update_item_permissions_check' f...

CVE-2025-36173

Mar 10, 2026 01:40:26 UTC

Affected Product(s)Version(s)InfoSphere Data Architect9.2.1

CVE-2025-36105

Mar 10, 2026 00:50:05 UTC

IBM Planning Analytics Advanced Certified Containers 3.1.0 through 3.1.4 could allow a local privileged user to obtain sensitive information from environment variables.

CVE-2026-27689

Mar 10, 2026 00:19:05 UTC

Due to an uncontrolled resource consumption (Denial of Service) vulnerability, an authenticated attacker with regular user privileges and network access can repeatedly invoke a remote-enabled function module with an excessively large loop-c...

CVE-2026-27688

Mar 10, 2026 00:18:55 UTC

Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function module. The attacker with the necessary pri...

CVE-2026-27687

Mar 10, 2026 00:18:45 UTC

Due to missing authorization check in SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal, a user with high privileges could access sensitive data belonging to another company. This vulnerability has a high impact on confidentiality and does ...

CVE-2026-27686

Mar 10, 2026 00:18:33 UTC

Due to a Missing Authorization Check in SAP Business Warehouse (Service API), an authenticated attacker could perform unauthorized actions via an affected RFC function module. Successful exploitation could enable unauthorized configuration ...

CVE-2026-27685

Mar 10, 2026 00:18:22 UTC

SAP NetWeaver Enterprise Portal Administration is vulnerable if a privileged user uploads untrusted or malicious content that, upon deserialization, could result in a high impact on the confidentiality, integrity, and availability of the ho...

CVE-2026-27684

Mar 10, 2026 00:18:10 UTC

SAP NetWeaver Feedback Notifications Service contains a SQL injection vulnerability that allows an authenticated attacker to inject arbitrary SQL code through user-controlled input fields. The application concatenates these inputs directly ...

CVE-2026-24317

Mar 10, 2026 00:18:00 UTC

SAP GUI for Windows allows DLL files to be loaded from arbitrary directories within the application. An unauthenticated attacker could exploit this vulnerability by persuading a victim to place a malicious DLL within one of these directorie...

CVE-2026-24316

Mar 10, 2026 00:17:51 UTC

SAP NetWeaver Application Server for ABAP provides an ABAP Report for testing purposes, which allows to send HTTP requests to arbitrary internal or external endpoints. The report is therefore vulnerable to Server-Side Request Forgery (SSRF)...

CVE-2026-24313

Mar 10, 2026 00:17:40 UTC

SAP Solution Tools Plug-In (ST-PI) contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidential...

CVE-2026-24311

Mar 10, 2026 00:17:30 UTC

The SAP Customer Checkout application exhibits certain design characteristics that involve locally storing operational data using reversible protection mechanisms. Access to this data, combined with user?initiated interaction, may allow mod...