VDB
GCVE-110-NCSC-2025-275
GCVE-110-NCSC-2025-275
Advisory PublishedCVSS 7.5/10
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N
Weaknesses (CWE)
CWE-770Allocation of Resources Without Limits or ThrottlingCWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')CWE-404Improper Resource Shutdown or ReleaseCWE-521Weak Password RequirementsCWE-862Missing AuthorizationCWE-1287Improper Validation of Specified Type of InputCWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-94Improper Control of Generation of Code ('Code Injection')CWE-352Cross-Site Request Forgery (CSRF)CWE-341Predictable from Observable StateCWE-306Missing Authentication for Critical FunctionCWE-1395Dependency on Vulnerable Third-Party ComponentCWE-606Unchecked Input for Loop ConditionCWE-522Insufficiently Protected CredentialsCWE-1022Use of Web Link to Untrusted Target with window.opener AccessCWE-502Deserialization of Untrusted DataCWE-250Execution with Unnecessary Privileges
Risk Scores
CVSS 3.1
7.5/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| SAP | vers:unknown/* | — | — |
Aliases
CVE-2023-27500CVE-2023-5072CVE-2024-13009CVE-2025-22228CVE-2025-27428CVE-2025-42911CVE-2025-42912CVE-2025-42913CVE-2025-42914CVE-2025-42915CVE-2025-42916CVE-2025-42917CVE-2025-42918CVE-2025-42920CVE-2025-42922CVE-2025-42923CVE-2025-42925CVE-2025-42926CVE-2025-42927CVE-2025-42929CVE-2025-42930CVE-2025-42933CVE-2025-42938CVE-2025-42941CVE-2025-42944CVE-2025-42958CVE-2025-42961
Browse GCVE Records
72,096 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.