Missing Authorization check in Remote Function Call (RFC) in SAP NetWeaver Application Server ABAP
| CVE ID | Name | Publish Date | References |
|---|---|---|---|
| CVE-2025-0068 | Missing Authorization check in Remote Function Call (RFC) in SAP NetWeaver Application Server ABAP |
2025-01-14T00:09:52.994Z | SAP NetWeaver Application Server ABAP SAP_SE |
| CVE-2025-0217 | Privileged Remote Access Authentication Bypass |
2025-05-05T17:00:05.244Z | Privileged Remote Access BeyondTrust |
| CVE-2025-0366 | Jupiter X Core <= 4.8.7 - Authenticated (Contributor+) SVG Upload to Local File Inclusion (Remote Code Execution) |
2025-02-01T05:30:37.253Z | Jupiter X Core artbees |
| CVE-2025-0412 | Luxion KeyShot Viewer KSP File Parsing Memory Corruption Remote Code Execution Vulnerability |
2025-01-13T03:20:44.774Z | KeyShot Viewer Luxion |
| CVE-2025-0422 | Authenticated Remote Code Execution via ScriptVar |
2025-02-18T07:57:04.886Z | bestinformed Web Cordaware |
| CVE-2025-0520 | ShowDoc < 2.8.7 Unauthenticated File Upload Remote Code Execution |
2025-04-29T19:35:37.829Z | ShowDoc ShowDoc |
| CVE-2025-0731 | SMA: Sunny Portal Remote Code Execution |
2025-02-26T10:01:50.336Z | www.sunnyportal.com SMA |
| CVE-2025-0868 | Remote Code Execution in DocsGPT |
2025-02-20T11:26:11.784Z | DocsGPT Arc53 |
| CVE-2025-0899 | PDF-XChange Editor AcroForm Use-After-Free Remote Code Execution Vulnerability |
2025-02-11T19:22:58.592Z | PDF-XChange Editor PDF-XChange |
| CVE-2025-0901 | PDF-XChange Editor Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability |
2025-02-11T19:56:31.557Z | PDF-XChange Editor PDF-XChange |
| CVE-2025-0903 | PDF-XChange Editor RTF File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
2025-02-11T19:57:00.237Z | PDF-XChange Editor PDF-XChange |
| CVE-2025-0910 | PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
2025-02-11T19:58:17.542Z | PDF-XChange Editor PDF-XChange |
| CVE-2025-0936 | On affected platforms running Arista EOS with a gNMI transport enabled, running the gNOI File TransferToRemote RPC with credentials for a remote server may cause these remote-server credentials to be logged or accounted on the local EOS device or possibly |
2025-05-07T22:52:25.444Z | EOS Arista Networks |
| CVE-2025-10057 | WP Import – Ultimate CSV XML Importer for WordPress 7.20 - 7.28 - Authenticated (Subscriber+) Remote Code Execution via Code Injection |
2025-09-17T05:18:45.276Z | WP Import – Ultimate CSV XML Importer for WordPress smackcoders |
| CVE-2025-10380 | Advanced Views – Display Posts, Custom Fields, and More <= 3.7.19 - Authenticated (Author+) Remote Code Execution via SSTI |
2025-09-23T03:34:34.263Z | Advanced Views – Display Posts, Custom Fields, and More wplakeorg |
| CVE-2025-10548 | Missing Certificate Validation in CleverControl Installer Allows Remote Code Execution |
2025-09-23T06:49:33.659Z | CleverControl employee monitoring software CleverControl |
| CVE-2025-10767 | CosmodiumCS OnlyRAT Configuration File main.py remote_download os command injection |
2025-09-21T22:02:07.886Z | OnlyRAT CosmodiumCS |
| CVE-2025-10772 | huggingface LeRobot ZeroMQ Socket lekiwi_remote.py missing authentication |
2025-09-21T23:32:05.896Z | LeRobot huggingface |
| CVE-2025-10907 | Authenticated Arbitrary File Upload in Multiple WSO2 Products via SOAP Admin Services Leading to Remote Code Execution |
WSO2 Open Banking IAM WSO2 | WSO2 API Manager WSO2 |
| CVE-2025-10920 | GIMP ICNS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability |
2025-10-29T19:29:35.471Z | GIMP GIMP |
| CVE-2025-10921 | GIMP HDR File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
2025-10-29T19:29:39.135Z | GIMP GIMP |
| CVE-2025-10922 | GIMP DCM File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
2025-10-29T19:29:42.905Z | GIMP GIMP |
| CVE-2025-10923 | GIMP WBMP File Parsing Integer Overflow Remote Code Execution Vulnerability |
2025-10-29T19:29:46.493Z | GIMP GIMP |
| CVE-2025-10924 | GIMP FF File Parsing Integer Overflow Remote Code Execution Vulnerability |
2025-10-29T19:29:50.398Z | GIMP GIMP |
| CVE-2025-10925 | GIMP ILBM File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability |
2025-10-29T19:29:54.680Z | GIMP GIMP |
| CVE-2025-10934 | GIMP XWD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
2025-10-29T19:58:55.670Z | GIMP GIMP |
| CVE-2025-11020 | Remote Code Execution in MarkAny SafePC Enterprise |
2025-10-02T05:15:50.859Z | SafePC Enterprise MarkAny |
| CVE-2025-11201 | MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability |
2025-10-29T19:37:10.690Z | MLflow MLflow |
| CVE-2025-11202 | win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability |
2025-10-29T19:36:39.563Z | win-cli-mcp-server win-cli-mcp-server |
| CVE-2025-11221 | Remote Code Execution in GTONE ChangeFlow |
2025-10-02T05:15:16.178Z | ChangeFlow GTONE |
| CVE-2025-11463 | Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability |
2025-10-29T19:43:29.758Z | Cobalt Ashlar-Vellum |
| CVE-2025-11464 | Ashlar-Vellum Cobalt CO File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability |
2025-10-29T19:43:41.524Z | Cobalt Ashlar-Vellum |
| CVE-2025-11465 | Ashlar-Vellum Cobalt CO File Parsing Use-After-Free Remote Code Execution Vulnerability |
2025-10-29T19:44:00.443Z | Cobalt Ashlar-Vellum |
| CVE-2025-11651 | UTT 进取 518G formRemoteControl sub_4247AC buffer overflow |
2025-10-12T23:32:06.071Z | 进取 518G UTT |
| CVE-2025-11953 | Command injection in React Native Community CLI allows remote attackers to perform remote code execution by sending HTTP requests |
2025-11-03T16:35:07.168Z |
|
| CVE-2025-1051 | Sonos Era 300 Heap-based Buffer Overflow Remote Code Execution Vulnerability |
2025-06-02T19:05:27.126Z | Era 300 Sonos |
| CVE-2025-1457 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) <= 5.10.28 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting |
2025-04-19T03:21:24.783Z | Element Pack Addons for Elementor – Best Elementor addons with Ready Templates, Blocks, Widgets and WooCommerce Builder bdthemes |
| CVE-2025-1458 | Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid, Carousel and Remote Arrows) <= 5.10.29 - Authenticated (Contributor+) Stored Cross-Site Scripting |
2025-04-26T05:34:23.210Z | Element Pack Addons for Elementor – Best Elementor addons with Ready Templates, Blocks, Widgets and WooCommerce Builder bdthemes |
| CVE-2025-1497 | Remote Code Execution in PlotAI |
2025-03-10T13:56:24.309Z | PlotAI MLJAR |
| CVE-2025-1520 | PostHog ClickHouse Table Functions SQL Injection Remote Code Execution Vulnerability |
2025-04-23T16:45:19.536Z | PostHog PostHog |
| CVE-2025-1727 | End-of-Train and Head-of-Train Remote Linking Protocol Weak Authentication |
2025-07-10T22:59:34.802Z | End-of-Train and Head-of-Train remote linking protocol End-of-Train and Head-of-Train remote linking protocol |
| CVE-2025-1862 | Authenticated Arbitrary File Upload in Multiple WSO2 Products via BPEL Uploader SOAP Service Leading to Remote Code Execution |
WSO2 Identity Server WSO2 | WSO2 Enterprise Integrator WSO2 |
| CVE-2025-1980 | Remote Code Execution via Unrestricted File Upload in Ready_ |
2025-04-16T12:35:22.847Z | Ready_ Symfonia |
| CVE-2025-20133 | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Authentication Targeted Denial of Service Vulnerability |
Cisco Firepower Threat Defense Software Cisco | Cisco Adaptive Security Appliance (ASA) Software Cisco |
| CVE-2025-20229 | Remote Code Execution through file upload to “$SPLUNK_HOME/var/run/splunk/apptemp“ directory in Splunk Enterprise |
Splunk Cloud Platform Splunk | Splunk Enterprise Splunk |
| CVE-2025-20236 | Cisco Webex App Client-Side Remote Code Execution Vulnerability |
2025-04-16T16:16:23.291Z | Cisco Webex Teams Cisco |
| CVE-2025-20243 | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access SSL VPN Denial of Service Vulnerability |
Cisco Firepower Threat Defense Software Cisco | Cisco Adaptive Security Appliance (ASA) Software Cisco |
| CVE-2025-20244 | Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software Remote Access VPN Web Server Denial of Service Vulnerability |
Cisco Firepower Threat Defense Software Cisco | Cisco Adaptive Security Appliance (ASA) Software Cisco |
| CVE-2025-20265 | Cisco Secure Firewall Management Center Software Radius Remote Code Execution Vulnerability |
2025-08-14T16:30:03.286Z | Cisco Firepower Management Center Cisco |
| CVE-2025-20268 | Cisco Secure Firewall Threat Defense Software Geolocation Remote Access VPN Bypass Vulnerability |
2025-08-14T16:30:34.427Z | Cisco Firepower Threat Defense Software Cisco |
Page created: