| Page(s) : 1 ... 779 780 781 782 783 784 785 786 787 788 [789] 790 791 792 793 794 795 796 797 798 799 ... | Result(s) : 325916 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 6.5 | 2025-03-11 | CVE-2024-49823 | cve | IBM Common Cryptographic Architecture 7.0.0 through 7.5.51 could allow an authenticated user to cause a denial of service in the Hardware Security Module (HSM) using a specially... |
| 4.7 | 2025-03-11 | CVE-2025-0062 | cve | SAP BusinessObjects Business Intelligence Platform allows an attacker to inject JavaScript code in Web Intelligence reports. This code is then executed in the victim's brow... |
| 4.9 | 2025-03-11 | CVE-2025-0071 | cve | SAP Web Dispatcher and Internet Communication Manager allow an attacker with administrative privileges to enable debugging trace mode with a specific parameter value. This expos... |
| 4.1 | 2025-03-11 | CVE-2025-23185 | cve | Due to improper error handling in SAP Business Objects Business Intelligence Platform, technical details of the application are revealed in exceptions thrown to the user and in ... |
| 4.3 | 2025-03-11 | CVE-2025-23188 | cve | An authenticated user with low privileges can exploit a missing authorization check in an IBS module of FS-RBD, allowing unauthorized access to perform actions beyond their inte... |
| 5.3 | 2025-03-11 | CVE-2025-23194 | cve | SAP NetWeaver Enterprise Portal OBN does not perform proper authentication check for a particular configuration setting. As result, a non-authenticated user can set it to an und... |
| 6.1 | 2025-03-11 | CVE-2025-25242 | cve | SAP NetWeaver Application Server ABAP allows malicious scripts to be executed in the application, potentially leading to a Cross-Site Scripting (XSS) vulnerability. This has no ... |
| 5.7 | 2025-03-11 | CVE-2025-25244 | cve | SAP Business Warehouse (Process Chains) allows an attacker to manipulate the process execution due to missing authorization check. An attacker with display authorization for the... |
| 5.4 | 2025-03-11 | CVE-2025-25245 | cve | SAP BusinessObjects Business Intelligence Platform (Web Intelligence) contains a deprecated web application endpoint that is not properly secured. An attacker could take advanta... |
| 3.1 | 2025-03-11 | CVE-2025-26655 | cve | SAP Just In Time(JIT) does not perform necessary authorization checks for an authenticated user, allowing attacker to escalate privileges that would otherwise be restricted, pot... |
| 4.3 | 2025-03-11 | CVE-2025-26656 | cve | OData Service in Manage Purchasing Info Records does not perform necessary authorization checks for an authenticated user, allowing an attacker to escalate privileges. This has ... |
| 6.8 | 2025-03-11 | CVE-2025-26658 | cve | The Service Layer in SAP Business One, allows attackers to potentially gain unauthorized access and impersonate other users in the application to perform unauthorized actions. D... |
| 6.1 | 2025-03-11 | CVE-2025-26659 | cve | SAP NetWeaver Application Server ABAP does not sufficiently encode user-controlled inputs, leading to DOM-basedCross-Site Scripting (XSS) vulnerability. This allows an attacker ... |
| 4.3 | 2025-03-11 | CVE-2025-26660 | cve | SAP Fiori applications using the posting library fail to properly configure security settings during the setup process, leaving them at default or inadequately defined. This vul... |
| 8.8 | 2025-03-11 | CVE-2025-26661 | cve | Due to missing authorization check, SAP NetWeaver (ABAP Class Builder) allows an attacker to gain higher access levels than they should have, resulting in escalation of privileg... |
| 3.5 | 2025-03-11 | CVE-2025-27430 | cve | Under certain conditions, an SSRF vulnerability in SAP CRM and SAP S/4HANA (Interaction Center) allows an attacker with low privileges to access restricted information. This fla... |
| 5.4 | 2025-03-11 | CVE-2025-27431 | cve | User management functionality in SAP NetWeaver Application Server Java is vulnerable to Stored Cross-Site Scripting (XSS). This could enable an attacker to inject malicious payl... |
| 2.4 | 2025-03-11 | CVE-2025-27432 | cve | The eDocument Cockpit (Inbound NF-e) in SAP Electronic Invoicing for Brazil allows an authenticated attacker with certain privileges to gain unauthorized access to each transact... |
| 4.3 | 2025-03-11 | CVE-2025-27433 | cve | The Manage Bank Statements in SAP S/4HANA allows authenticated attacker to bypass certain functionality restrictions of the application and upload files to a reversed bank state... |
| 8.8 | 2025-03-11 | CVE-2025-27434 | cve | Due to insufficient input validation, SAP Commerce (Swagger UI) allows an unauthenticated attacker to inject the malicious code from remote sources, which can be leveraged by an... |
| Page(s) : 1 ... 779 780 781 782 783 784 785 786 787 788 [789] 790 791 792 793 794 795 796 797 798 799 ... | Result(s) : 325916 |
