SAP NetWeaver Business Client for HTML Cross-Site Scripting Vulnerability

SAP NetWeaver Business Client for HTML SAP NWBC for HTML is a lightweight browser-based version of NWBC from SAP, Germany. SAP NetWeaver Business Client for HTML SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, SAPBASIS 700, SAPBASIS 701, SAPBASIS 702, SAPBASIS 731 versions have a security...

CVE-2023-40624

SAP NetWeaver AS ABAP applications based on Unified Rendering - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, SAPBASIS 702, SAPBASIS 731, allows an attacker to inject JavaScript code that can be executed in the web-application. An attacker could thereby control the behavior of...

SAP NetWeaver Application Server 资源管理错误漏洞

SAP NetWeaver Application Server is an application server from SAP, Germany. A resource management error vulnerability exists in SAP NetWeaver Application Server, which stems from the presence of an error handling class, and can be exploited by an attacker to consume the server's resources to mak...

PT-2022-17672 · Sap · Sap Netweaver Application Server Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server for ABAP versions 700, 701, 702, 731 Description: The issue is due to a missing authorization check, allowing an authenticated attacker to access content on the start screen of any transaction within the same...

Cross site scripting

SAP NetWeaver Application Server ABAP Applications based on Web Dynpro ABAP, versions - SAPUI - 750,752,753,754,755, SAPBASIS - 702, 731 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...

CVE-2021-21473

CVE-2021-21473 affects SAP NetWeaver AS ABAP and ABAP Platform versions 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755. The issue is in function module SRM_RFC_SUBMIT_REPORT which fails to validate authorization of an authenticated user, allowing an unauthorized user to execute r...

deep-floorplan (=0.0.0), mpunet (=0.2.9) +1 more potentially affected by CVE-2021-29605 via tensorflow-gpu (>=2.3.0 <=2.3.2)

tensorflow-gpu PYPI version =2.3.0, =1.1.0, =1.6.1 Source cves: CVE-2021-29605 Source advisory: OSV:PYSEC-2021-731...

SAP NetWeaver AS ABAP Business Server 代码注入漏洞

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A code injection vulnerability exists in SAP NetWeaver AS ABAP versions 700, 701, 702, 730, and 731. An attacker...

SAP NetWeaver AS ABAP Business Server 安全漏洞

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A denial of service vulnerability exists in SAP NetWeaver AS ABAP versions 731, 740, and 750. The vulnerability...

SAP NetWeaver AS ABAP Information Disclosure Vulnerability (CNVD-2020-65558)

SAP NetWeaver AS ABAP Business Server is an application server for ABAP Advanced Business Application Programming from SAP, Germany. An information disclosure vulnerability exists in SAP NetWeaver Application Server ABAP POWL test application versions 710, 711, 730, 731, 740, and 750. An attacker...

Information disclosure

SAP NetWeaver ABAP Server and ABAP Platform, versions 731, 740, 750, allows an attacker with admin privileges to access certain files which should otherwise be restricted, leading to Information Disclosure...

PT-2020-19014 · Sap · Sap Netweaver As Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754 Description: The issue allows an attacker to redirect users to a malicious site due to insufficient URL...

China Aerospace Science and Industry Corporation (CASIC) Aerospace 731 Hospital Android APP suffers from overstepping access vulnerability

"Aerospace 731 Hospital" is the official cell phone application software launched by China Aerospace Science and Industry Corporation CASIC 731 Hospital, aiming to simplify the medical process, reduce the waiting time for medical treatment on the basis of the hospital's existing services,...

Amazon Linux AMI : golang (ALAS-2016-731) (httpoxy)

An input-validation flaw was discovered in the Go programming language built in CGI implementation, which set the environment variable 'HTTPPROXY' using the incoming 'Proxy' HTTP-request header. The environment variable 'HTTPPROXY' is used by numerous web clients, including Go's net/http package,...

Ubuntu USN-731-1 (apache2)

The remote host is missing an update to apache2 announced via advisory USN-731-1. For details, please visit the referenced security advisories. OpenVAS Vulnerability Test $Id: ubuntu7311.nasl 7969 2017-12-01 09:23:16Z santu $ $Id: ubuntu7311.nasl 7969 2017-12-01 09:23:16Z santu $ Description:...

Debian DSA-731-1 : krb4 - buffer overflows

Several problems have been discovered in telnet clients that could be exploited by malicious daemons the client connects to. The Common Vulnerabilities and Exposures project identifies the following problems : - CAN-2005-0468 Gael Delalleau discovered a buffer overflow in the envoptadd function...