EUVD-2020-19344

Malware in sbrugna...

EUVD-2023-28539

Malicious code in bioql PyPI...

EUVD-2023-28540

Malicious code in bioql PyPI...

CVE-2020-6229

SAP NetWeaver AS ABAP Business Server Pages application CRMBSPFRAME, versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75C, 75D, 75E, does not sufficiently encode user controlled inputs, resulting in reflected Cross-Site Scripting XSS vulnerability...

CVE-2019-0304

FTP Function of SAP NetWeaver AS ABAP Platform, versions- KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.45, 7.49, 7.53, 7.73, allows an attacker to inje...

CVE-2020-26832

SAP AS ABAP SAP Landscape Transformation, versions - 20111620, 20111640, 20111700, 20111710, 20111730, 20111731, 20111752, 2020 and SAP S4 HANA SAP Landscape Transformation, versions - 101, 102, 103, 104, 105, allows a high privileged user to execute a RFC function module to which access should b...

CVE-2020-26808

SAP AS ABAPDMIS, versions - 20111620, 20111640, 20111700, 20111710, 20111730, 20111731, 20111752, 2020 and SAP S4 HANADMIS, versions - 101, 102, 103, 104, 105, allows an authenticated attacker to inject arbitrary code into function module leading to code injection that can be executed in the...

SAP NetWeaver AS ABAP (3550708)

The remote SAP NetWeaver ABAP server may be affected by a improper access control vulnerability. The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to access restricted information due to weak access controls. This can have a significant impact on the...

CVE-2024-27902

Applications based on SAP GUI for HTML in SAP NetWeaver AS ABAP - versions 7.89, 7.93, do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. A successful attack can allow a malicious attacker to access and modify data through their ability to...

CVE-2023-49581

SAP GUI for Windows and SAP GUI for Java allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to write data to a database table. By doing so the attacker could increase...

Authentication flaw

SAP GUI for Windows and SAP GUI for Java allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to write data to a database table. By doing so the attacker could increase...

CVE-2023-49581

CVE-2023-49581 affects SAP GUI for Windows and SAP GUI for Java. An unauthenticated attacker can access information that should be restricted and can also write data to a database table, potentially increasing response times of the AS ABAP and causing mild availability impact. Public details acro...

CVE-2023-49580 Information disclosure in SAP GUI for Windows and SAP GUI for Java

SAP GUI for Windows and SAP GUI for Java - versions SAPBASIS 755, SAPBASIS 756, SAPBASIS 757, SAPBASIS 758, allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to create...

CVE-2023-37492 Missing Authorization check in SAP NetWeaver AS ABAP and ABAP Platform

SAP NetWeaver Application Server ABAP and ABAP Platform - versions SAPBASIS 700, SAPBASIS 701, SAPBASIS 702, SAPBASIS 731, SAPBASIS 740, SAPBASIS 750, SAPBASIS 752, SAPBASIS 753, SAPBASIS 754, SAPBASIS 755, SAPBASIS 756, SAPBASIS 757, SAPBASIS 758, SAPBASIS 793, SAPBASIS 804, does not perform...

CVE-2023-24522

Due to insufficient input sanitization, SAP NetWeaver AS ABAP Business Server Pages - versions 700, 701, 702, 731, 740, allows an unauthenticated user to alter the current session of the user by injecting the malicious code over the network and gain access to the unintended data. This may lead to...

Input validation

Due to insufficient input sanitization, SAP NetWeaver AS ABAP Business Server Pages - versions 700, 701, 702, 731, 740, allows an unauthenticated user to alter the current session of the user by injecting the malicious code over the network and gain access to the unintended data. This may lead to...

CVE-2023-24522

CVE-2023-24522 affects SAP NetWeaver AS ABAP (Business Server Pages) and versions 700, 701, 702, 731, 740. Root cause: insufficient input sanitization that allows an unauthenticated user to inject malicious code over the network to alter a user’s current session, potentially exposing data. Impact...

CVE-2023-24522

Due to insufficient input sanitization, SAP NetWeaver AS ABAP Business Server Pages - versions 700, 701, 702, 731, 740, allows an unauthenticated user to alter the current session of the user by injecting the malicious code over the network and gain access to the unintended data. This may lead to...

PT-2023-19670 · Sap · Sap Netweaver As Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP Business Server Pages versions 700, 701, 702, 731, 740 Description: The issue is caused by insufficient input sanitization, allowing an unauthenticated user to alter the current session of the user by injecting malicious...

SAP NetWeaver AS 跨站脚本漏洞

SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but is also the basic platform for SAP software. A cross-site scripting vulnerability exists in SAP NetWeaver AS ABAP BSP Framework versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755,...