| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-30009 | Multiple vulnerabilities in SAP Supplier Relationship Management (Live Auction Cockpit) | SAP_SE | SAP Supplier Relationship Management (Live Auction Cockpit) | Medium | 6.1 | 2025-05-13 00:12:53 | Deep Dive |
| CVE-2025-26662 | Cross-Site Scripting (XSS) vulnerability in the SAP Data Services Management Console | SAP_SE | SAP Data Services Management Console | Medium | 4.4 | 2025-05-13 00:09:06 | Deep Dive |
| CVE-2025-4373 | Glib: buffer underflow on glib through glib/gstring.c via function g_string_insert_unichar | - | - | Medium | 4.8 | 2025-05-06 14:48:39 | Deep Dive |
| CVE-2025-3891 | Mod_auth_openidc: dos via empty post in mod_auth_openidc with oidcpreservepost enabled | - | - | High | 7.5 | 2025-04-29 11:56:51 | Deep Dive |
| CVE-2025-31324 | Missing Authorization check in SAP NetWeaver (Visual Composer development server) | SAP_SE | SAP NetWeaver (Visual Composer development server) | Critical | 10.0 | 2025-04-24 16:50:28 | Deep Dive |
| CVE-2025-46421 | Libsoup: information disclosure may leads libsoup client sends authorization header to a different host when being redirected by a server | - | - | Medium | 6.8 | 2025-04-24 13:01:25 | Deep Dive |
| CVE-2025-46420 | Libsoup: memory leak on soup_header_parse_quality_list() via soup-headers.c | - | - | Medium | 6.5 | 2025-04-24 12:58:01 | Deep Dive |
| CVE-2025-31328 | Cross-Site Request Forgery (CSRF) vulnerability in SAP S/4 HANA (Learning Solution) | SAP_SE | SAP S/4 HANA (Learning Solution) | Medium | 4.6 | 2025-04-22 18:25:55 | Deep Dive |
| CVE-2025-31327 | OData meta-data property entity tampering in SAP Field Logistics | SAP_SE | SAP Field Logistics | Medium | 4.3 | 2025-04-22 18:25:46 | Deep Dive |
| CVE-2025-32911 | Libsoup: double free on soup_message_headers_get_content_disposition() through "soup-message-headers.c" via "params" ghashtable value | - | - | Critical | 9.0 | 2025-04-15 15:39:35 | Deep Dive |
| CVE-2025-3576 | Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions | - | - | Medium | 5.9 | 2025-04-15 05:55:27 | Deep Dive |
| CVE-2025-32914 | Libsoup: oob read on libsoup through function "soup_multipart_new_from_message" in soup-multipart.c leads to crash or exit of process | - | - | High | 7.4 | 2025-04-14 14:45:46 | Deep Dive |
| CVE-2025-32907 | Libsoup: denial of service in server when client requests a large amount of overlapping ranges with range header | - | - | Medium | 5.3 | 2025-04-14 14:00:10 | Deep Dive |
| CVE-2025-32906 | Libsoup: out of bounds reads in soup_headers_parse_request() | - | - | High | 7.5 | 2025-04-14 13:58:40 | Deep Dive |
| CVE-2025-32913 | Libsoup: null pointer dereference in soup_message_headers_get_content_disposition when "filename" parameter is present, but has no value in content-disposition header | - | - | High | 7.5 | 2025-04-14 13:37:37 | Deep Dive |
| CVE-2025-31333 | Odata meta-data tampering in SAP S4CORE entity | SAP_SE | SAP S4CORE entity | Medium | 4.3 | 2025-04-08 07:15:46 | Deep Dive |
| CVE-2025-31332 | Insecure File permissions vulnerability in SAP BusinessObjects Business Intelligence Platform | SAP_SE | SAP BusinessObjects Business Intelligence Platform | Medium | 6.6 | 2025-04-08 07:15:37 | Deep Dive |
| CVE-2025-31331 | Authorization Bypass vulnerability in SAP NetWeaver | SAP_SE | SAP NetWeaver | Medium | 4.3 | 2025-04-08 07:15:24 | Deep Dive |
| CVE-2025-31330 | Code Injection Vulnerability in SAP Landscape Transformation (Analysis Platform) | SAP_SE | SAP Landscape Transformation (Analysis Platform) | Critical | 9.9 | 2025-04-08 07:15:14 | Deep Dive |
| CVE-2025-30017 | Missing Authorization check in SAP Solution Manager | SAP_SE | SAP Solution Manager | Medium | 4.4 | 2025-04-08 07:15:03 | Deep Dive |