General-Purpose System Vulnerabilities
Vulnerabilities related to traditional IT systems, servers, and desktop applications.
| CVE ID | Description | Severity | Published | Type |
|---|---|---|---|---|
| CVE-2025-42968 | SAP NetWeaver allows an authenticated non-administrative user to call the remote-enabled function module which could gr… | Medium (5.0) | 2025-07-08 | General-Purpose |
| CVE-2025-42967 | SAP S/4HANA and SAP SCM Characteristic Propagation has remote code execution vulnerability. This allows an attacker wit… | Critical (9.9) | 2025-07-08 | General-Purpose |
| CVE-2025-42966 | SAP NetWeaver XML Data Archiving Service allows an authenticated attacker with administrative privileges to exploit an … | Critical (9.1) | 2025-07-08 | General-Purpose |
| CVE-2025-42965 | SAP CMC Promotion Management allows an authenticated attacker to enumerate internal network systems by submitting craft… | Medium (4.1) | 2025-07-08 | General-Purpose |
| CVE-2025-42964 | SAP NetWeaver Enterprise Portal Administration is vulnerable when a privileged user can upload untrusted or malicious c… | Critical (9.1) | 2025-07-08 | General-Purpose |