CVEs classified under CWE-921, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2025-30016 — CVSS 9.8 (critical): SAP Financial Consolidation allows an unauthenticated attacker to gain unauthorized access to the Admin account. The vulnerability arises…
CVE-2023-41965 — CVSS 7.5 (high): Sending some requests in the web application of the vulnerable device allows information to be obtained due to the lack of security in the…
CVE-2025-24870 — CVSS 6.0 (medium): SAP GUI for Windows & RFC service credentials are incorrectly stored in the memory of the program allowing an unauthenticated attacker to…
CVE-2025-24843 — CVSS 5.1 (medium): Insecure file retrieval process that facilitates potential for file manipulation to affect product stability and confidentiality…
CVE-2023-41818 — CVSS 5.0 (medium): An improper use of the SD card for sensitive data vulnerability was reported in the Motorola Device Help application that could allow a…