https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 04 May 2026 03:54:45 +0000 https://db.gcve.eu/sighting/460cdc68-3ddf-453f-8155-a6abf47a8ffb/export {"uuid": "460cdc68-3ddf-453f-8155-a6abf47a8ffb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2743", "type": "seen", "source": "https://t.me/cvedetector/21056", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2743 - Zhijiantianya Ruoyi-Vue-Pro Remote Path Traversal Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2743 \nPublished : March 25, 2025, 7:15 a.m. | 32\u00a0minutes ago \nDescription : A vulnerability, which was classified as problematic, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. This issue affects some unknown processing of the file /admin-api/mp/material/upload-temporary of the component Material Upload Interface. The manipulation of the argument File leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"25 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T09:27:32.000000Z"} {"uuid": "460cdc68-3ddf-453f-8155-a6abf47a8ffb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-2743", "type": "seen", "source": "https://t.me/cvedetector/21056", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-2743 - Zhijiantianya Ruoyi-Vue-Pro Remote Path Traversal Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-2743 \nPublished : March 25, 2025, 7:15 a.m. | 32\u00a0minutes ago \nDescription : A vulnerability, which was classified as problematic, has been found in zhijiantianya ruoyi-vue-pro 2.4.1. This issue affects some unknown processing of the file /admin-api/mp/material/upload-temporary of the component Material Upload Interface. The manipulation of the argument File leads to path traversal. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"25 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T09:27:32.000000Z"} https://db.gcve.eu/sighting/460cdc68-3ddf-453f-8155-a6abf47a8ffb/export Tue, 25 Mar 2025 09:27:32 +0000 https://db.gcve.eu/sighting/27280741-7cdd-4fae-875b-0085546d47fd/export {"uuid": "27280741-7cdd-4fae-875b-0085546d47fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27437", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10866", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27437\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: A Missing Authorization Check vulnerability exists in the Virus Scanner Interface of SAP NetWeaver Application Server ABAP. Because of this, an attacker authenticated as a non-administrative user can initiate a transaction, allowing them to access but not modify non-sensitive data without further authorization and with no effect on availability.\n\ud83d\udccf Published: 2025-04-08T07:13:58.049Z\n\ud83d\udccf Modified: 2025-04-08T07:13:58.049Z\n\ud83d\udd17 References:\n1. https://me.sap.com/notes/3568778\n2. https://url.sap/sapsecuritypatchday", "creation_timestamp": "2025-04-08T07:46:29.000000Z"} {"uuid": "27280741-7cdd-4fae-875b-0085546d47fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27437", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10866", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27437\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: A Missing Authorization Check vulnerability exists in the Virus Scanner Interface of SAP NetWeaver Application Server ABAP. Because of this, an attacker authenticated as a non-administrative user can initiate a transaction, allowing them to access but not modify non-sensitive data without further authorization and with no effect on availability.\n\ud83d\udccf Published: 2025-04-08T07:13:58.049Z\n\ud83d\udccf Modified: 2025-04-08T07:13:58.049Z\n\ud83d\udd17 References:\n1. https://me.sap.com/notes/3568778\n2. https://url.sap/sapsecuritypatchday", "creation_timestamp": "2025-04-08T07:46:29.000000Z"} https://db.gcve.eu/sighting/27280741-7cdd-4fae-875b-0085546d47fd/export Tue, 08 Apr 2025 07:46:29 +0000 https://db.gcve.eu/sighting/6d313f52-0792-4e41-b857-005de91aab7f/export {"uuid": "6d313f52-0792-4e41-b857-005de91aab7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27435", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10867", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27435\n\ud83d\udd25 CVSS Score: 4.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: Under specific conditions and prerequisites, an unauthenticated attacker could access customer coupon codes exposed in the URL parameters of the Coupon Campaign URL in SAP Commerce. This could allow the attacker to use the disclosed coupon code, hence posing a low impact on confidentiality and integrity of the application.\n\ud83d\udccf Published: 2025-04-08T07:13:49.402Z\n\ud83d\udccf Modified: 2025-04-08T07:13:49.402Z\n\ud83d\udd17 References:\n1. https://me.sap.com/notes/3539465\n2. https://url.sap/sapsecuritypatchday", "creation_timestamp": "2025-04-08T07:46:30.000000Z"} {"uuid": "6d313f52-0792-4e41-b857-005de91aab7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27435", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10867", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27435\n\ud83d\udd25 CVSS Score: 4.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: Under specific conditions and prerequisites, an unauthenticated attacker could access customer coupon codes exposed in the URL parameters of the Coupon Campaign URL in SAP Commerce. This could allow the attacker to use the disclosed coupon code, hence posing a low impact on confidentiality and integrity of the application.\n\ud83d\udccf Published: 2025-04-08T07:13:49.402Z\n\ud83d\udccf Modified: 2025-04-08T07:13:49.402Z\n\ud83d\udd17 References:\n1. https://me.sap.com/notes/3539465\n2. https://url.sap/sapsecuritypatchday", "creation_timestamp": "2025-04-08T07:46:30.000000Z"} https://db.gcve.eu/sighting/6d313f52-0792-4e41-b857-005de91aab7f/export Tue, 08 Apr 2025 07:46:30 +0000 https://db.gcve.eu/sighting/4a62ef18-54cd-415f-8391-8a1c3d346a29/export {"uuid": "4a62ef18-54cd-415f-8391-8a1c3d346a29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27435", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmc5ecpojo2z", "content": "", "creation_timestamp": "2025-04-08T09:18:08.259414Z"} {"uuid": "4a62ef18-54cd-415f-8391-8a1c3d346a29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27435", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmc5ecpojo2z", "content": "", "creation_timestamp": "2025-04-08T09:18:08.259414Z"} https://db.gcve.eu/sighting/4a62ef18-54cd-415f-8391-8a1c3d346a29/export Tue, 08 Apr 2025 09:18:08 +0000 https://db.gcve.eu/sighting/59ce518f-bcde-4041-a8bd-b5105384e8e9/export {"uuid": "59ce518f-bcde-4041-a8bd-b5105384e8e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27437", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmc5edx3km2i", "content": "", "creation_timestamp": "2025-04-08T09:18:14.647796Z"} {"uuid": "59ce518f-bcde-4041-a8bd-b5105384e8e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27437", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmc5edx3km2i", "content": "", "creation_timestamp": "2025-04-08T09:18:14.647796Z"} https://db.gcve.eu/sighting/59ce518f-bcde-4041-a8bd-b5105384e8e9/export Tue, 08 Apr 2025 09:18:14 +0000 https://db.gcve.eu/sighting/8b9248cd-b5a8-4836-b104-0850e64be396/export {"uuid": "8b9248cd-b5a8-4836-b104-0850e64be396", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27437", "type": "seen", "source": "https://t.me/cvedetector/22426", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-27437 - SAP NetWeaver Application Server ABAP Missing Authorization Check Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-27437 \nPublished : April 8, 2025, 8:15 a.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : A Missing Authorization Check vulnerability exists in the Virus Scanner Interface of SAP NetWeaver Application Server ABAP. Because of this, an attacker authenticated as a non-administrative user can initiate a transaction, allowing them to access but not modify non-sensitive data without further authorization and with no effect on availability. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T11:29:14.000000Z"} {"uuid": "8b9248cd-b5a8-4836-b104-0850e64be396", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27437", "type": "seen", "source": "https://t.me/cvedetector/22426", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-27437 - SAP NetWeaver Application Server ABAP Missing Authorization Check Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-27437 \nPublished : April 8, 2025, 8:15 a.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : A Missing Authorization Check vulnerability exists in the Virus Scanner Interface of SAP NetWeaver Application Server ABAP. Because of this, an attacker authenticated as a non-administrative user can initiate a transaction, allowing them to access but not modify non-sensitive data without further authorization and with no effect on availability. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T11:29:14.000000Z"} https://db.gcve.eu/sighting/8b9248cd-b5a8-4836-b104-0850e64be396/export Tue, 08 Apr 2025 11:29:14 +0000 https://db.gcve.eu/sighting/8f9b55b0-e2a1-4afb-b6a2-db27c92b0dfa/export {"uuid": "8f9b55b0-e2a1-4afb-b6a2-db27c92b0dfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27435", "type": "seen", "source": "https://t.me/cvedetector/22429", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-27435 - SAP Commerce Information Disclosure Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-27435 \nPublished : April 8, 2025, 8:15 a.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : Under specific conditions and prerequisites, an unauthenticated attacker could access customer coupon codes exposed in the URL parameters of the Coupon Campaign URL in SAP Commerce. This could allow the attacker to use the disclosed coupon code, hence posing a low impact on confidentiality and integrity of the application. \nSeverity: 4.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T11:29:19.000000Z"} {"uuid": "8f9b55b0-e2a1-4afb-b6a2-db27c92b0dfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27435", "type": "seen", "source": "https://t.me/cvedetector/22429", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-27435 - SAP Commerce Information Disclosure Vulnerability\", \n \"Content\": \"CVE ID : CVE-2025-27435 \nPublished : April 8, 2025, 8:15 a.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : Under specific conditions and prerequisites, an unauthenticated attacker could access customer coupon codes exposed in the URL parameters of the Coupon Campaign URL in SAP Commerce. This could allow the attacker to use the disclosed coupon code, hence posing a low impact on confidentiality and integrity of the application. \nSeverity: 4.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 Apr 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T11:29:19.000000Z"} https://db.gcve.eu/sighting/8f9b55b0-e2a1-4afb-b6a2-db27c92b0dfa/export Tue, 08 Apr 2025 11:29:19 +0000 https://db.gcve.eu/sighting/130e431f-6c4a-4e93-ae7c-7b382cbcaae7/export {"uuid": "130e431f-6c4a-4e93-ae7c-7b382cbcaae7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27438", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:35.000000Z"} {"uuid": "130e431f-6c4a-4e93-ae7c-7b382cbcaae7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27438", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:35.000000Z"} https://db.gcve.eu/sighting/130e431f-6c4a-4e93-ae7c-7b382cbcaae7/export Wed, 13 Aug 2025 13:26:35 +0000 https://db.gcve.eu/sighting/a750d835-8604-40f7-8807-c184172b0a48/export {"uuid": "a750d835-8604-40f7-8807-c184172b0a48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27434", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-16T01:45:14.000000Z"} {"uuid": "a750d835-8604-40f7-8807-c184172b0a48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27434", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-16T01:45:14.000000Z"} https://db.gcve.eu/sighting/a750d835-8604-40f7-8807-c184172b0a48/export Sat, 16 Aug 2025 01:45:14 +0000 https://db.gcve.eu/sighting/06485634-7e96-4e65-8283-8e0fe58d1d55/export {"uuid": "06485634-7e96-4e65-8283-8e0fe58d1d55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27434", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-19T04:06:31.000000Z"} {"uuid": "06485634-7e96-4e65-8283-8e0fe58d1d55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-27434", "type": "seen", "source": "MISP/4d9e0694-2872-4bfc-8eee-f1ab846c5ab0", "content": "", "creation_timestamp": "2025-08-19T04:06:31.000000Z"} https://db.gcve.eu/sighting/06485634-7e96-4e65-8283-8e0fe58d1d55/export Tue, 19 Aug 2025 04:06:31 +0000