58 matches found
EUVD-2021-24622
Malware in sbrugna...
EUVD-2020-27394
Malware in sbrugna...
EUVD-2018-14253
Malware in sbrugna...
EUVD-2020-27378
Malware in sbrugna...
CVE-2021-38150
When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the...
CVE-2020-6228
SAP Business Client, versions 6.5, 7.0, does not perform necessary integrity checks which could be exploited by an attacker under certain conditions to modify the installer...
CVE-2020-6244
SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element. An attacker could thereby control the behavior of the...
WithSecure多款产品 安全漏洞
WithSecure Elements Agent and others are products of the Finnish company WithSecure.WithSecure Elements Agent is a cloud-native endpoint protection system.WithSecure Managed Detection and Response WithSecure WithSecure Managed Detection and Response MDR is a managed response and detection...
The vulnerability of the single interface for SAP NetWeaver Business Client, which exists due to the lack of measures taken to protect the structure of the web page, allows attackers to carry out cross-site scripting attacks.
The vulnerability of the single interface for SAP NetWeaver Business Client exists due to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...
CVE-2024-22128 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Business Client for HTML
SAP NWBC for HTML - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPBASIS 700, SAPBASIS 701, SAPBASIS 702, SAPBASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An unauthenticated attacker can inject malicious javascript to...
CVE-2024-22128 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Business Client for HTML
SAP NWBC for HTML - versions SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPBASIS 700, SAPBASIS 701, SAPBASIS 702, SAPBASIS 731, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. An unauthenticated attacker can inject malicious javascript to...
SAP NetWeaver Business Client for HTML Cross-Site Scripting Vulnerability
SAP NetWeaver Business Client for HTML SAP NWBC for HTML is a lightweight browser-based version of NWBC from SAP, Germany. SAP NetWeaver Business Client for HTML SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, SAPBASIS 700, SAPBASIS 701, SAPBASIS 702, SAPBASIS 731 versions have a security...
Dell Command Configure Elevation of Privilege Vulnerability
Dell Command Configure is a Dell application that provides configuration capabilities for business client platforms. Dell Command Configure version 4.8 and prior versions contain an elevation of privilege vulnerability that stems from incorrect folder permissions, which could be exploited to modi...
Vulnerabilities fixed in SAP products
Vulnerabilities have been fixed in several SAP products. The vulnerabilities potentially enable a malicious person to launch attacks execute attacks that result in the following categories of damage: Cross-Site Scripting XSS Denial-of-Service DoS. Circumvention of security measure. Remote code...
CVE-2021-38150
When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the...
Design/Logic Flaw
When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the...
CVE-2021-38150
SAP Business Client (versions 7.0 and 7.70) is affected by CVE-2021-38150. The issue allows an attacker with access to a victim’s local memory or memory dump (e.g., via social engineering) to read highly sensitive data such as credentials, potentially enabling compromise of the backend services f...
CVE-2021-38150
When an attacker manages to get access to the local memory, or the memory dump of a victim, for example by a social engineering attack, SAP Business Client versions - 7.0, 7.70, will allow him to read extremely sensitive data, such as credentials. This would allow the attacker to compromise the...
SAP Business Client 安全漏洞
SAP Business Client is a user interface client program from SAP. The program supports access to multiple SAP applications from a single platform. SAP Business Client has a security vulnerability that allows him to read extremely sensitive data such as credentials. This would allow an attacker to...
PT-2021-21970 · Sap · Sap Business Client
Name of the Vulnerable Software and Affected Versions: SAP Business Client versions 7.0, 7.70 Description: The issue allows an attacker to read sensitive data, such as credentials, from the local memory or memory dump of a victim, for example, through a social engineering attack. This could enabl...