CVE-2023-28763

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters which can consume the server's resources sufficiently to make it unavailable over the...

Input validation

Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the malicious database queries over the network and gain access to the unintended data. This may lead t...

SAP NetWeaver Application Server 资源管理错误漏洞

SAP NetWeaver Application Server is an application server from SAP, Germany. A resource management error vulnerability exists in SAP NetWeaver Application Server, which stems from the presence of an error handling class, and can be exploited by an attacker to consume the server's resources to mak...

CVE-2021-21473

CVE-2021-21473 affects SAP NetWeaver AS ABAP and ABAP Platform versions 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755. The issue is in function module SRM_RFC_SUBMIT_REPORT which fails to validate authorization of an authenticated user, allowing an unauthorized user to execute r...

CVE-2020-26835

SAP NetWeaver AS ABAP (versions 740–754) is affected by a reflected XSS due to insufficient URL encoding, allowing an attacker to inject JavaScript via the URL and execute it in the browser. This is described in CNVD-2021-03703 and PT-2020-16518, which note the root cause as improper URL encoding...

CVE-2020-26825

SAP Fiori Launchpad News tile Application, versions - 750,751,752,753,754,755, allows an unauthorized attacker to use SAP Fiori Launchpad News tile Application to send malicious code, to a different end user victim, because News tile does not sufficiently encode user controlled inputs, resulting ...

PT-2020-19014 · Sap · Sap Netweaver As Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754 Description: The issue allows an attacker to redirect users to a malicious site due to insufficient URL...

CVE-2020-6210

SAP Fiori Launchpad, versions- 753, 754, does not sufficiently encode user-controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, leading to reflected Cross-Site Scripting XSS vulnerability...

Cross site scripting

SAP Fiori Launchpad, versions- 753, 754, does not sufficiently encode user-controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, leading to reflected Cross-Site Scripting XSS vulnerability...

CVE-2020-6210

SAP Fiori Launchpad, versions- 753, 754, does not sufficiently encode user-controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, leading to reflected Cross-Site Scripting XSS vulnerability...

CVE-2020-6210

CVE-2020-6210 concerns SAP Fiori Launchpad (versions 753, 754) with a reflected Cross-Site Scripting (XSS) vulnerability caused by insufficient encoding of user-controlled inputs, enabling injection of a meta tag into the launchpad HTML via a vulnerable parameter. The CVE description and multiple...

Rockwell Automation PowerFlex 753 20F PowerFlex 750-Series via Embedded EtherNet/IP

Binary data 754700.prm...

Rockwell Automation PowerFlex 753 20F DPI to EtherNet/IP

Binary data 754696.prm...

Rockwell Automation PowerFlex 753 20F DPI to EtherNet/IP

Binary data 754522.prm...

Amazon Linux AMI : php56 (ALAS-2016-753)

ext/standard/varunserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service memory corruption or possibly have unspecified other impact via an unserialize call that references a partially constructed object...

Ubuntu: Security Advisory (USN-753-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian: Security Advisory (DSA-753-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...