VDB

GCVE-110-NCSC-2025-275

GCVE-110-NCSC-2025-275
Advisory PublishedCVSS 7.5/10
Vulnetix · Advisory published September 9, 2025
CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Weaknesses (CWE)

CWE-770Allocation of Resources Without Limits or ThrottlingCWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')CWE-404Improper Resource Shutdown or ReleaseCWE-521Weak Password RequirementsCWE-862Missing AuthorizationCWE-1287Improper Validation of Specified Type of InputCWE-79Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')CWE-94Improper Control of Generation of Code ('Code Injection')CWE-352Cross-Site Request Forgery (CSRF)CWE-341Predictable from Observable StateCWE-306Missing Authentication for Critical FunctionCWE-1395Dependency on Vulnerable Third-Party ComponentCWE-606Unchecked Input for Loop ConditionCWE-522Insufficiently Protected CredentialsCWE-1022Use of Web Link to Untrusted Target with window.opener AccessCWE-502Deserialization of Untrusted DataCWE-250Execution with Unnecessary Privileges

Risk Scores

CVSS 3.1
7.5/10
High · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersionsPlatforms
SAPvers:unknown/*

References

advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory
advisory

Browse GCVE Records

72,096 records in the GCVE database · Updated July 14, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›