30 matches found
EUVD-2026-22170
Due to a missing authorization check in SAP Business Analytics and SAP Content Management, an authenticated user could make unauthorized calls to certain remote function modules, potentially accessing sensitive information beyond their intended permissions. This vulnerability affects...
CVE-2026-34261
CVE-2026-34261 affects SAP Business Analytics and SAP Content Management. Root cause: missing authorization check enables an authenticated user to call certain remote function modules beyond their permissions. Impact: confidentiality is affected; no noted impact to integrity or availability. Expl...
CVE-2026-34261 Missing Authorization check in SAP Business Analytics and SAP Content Management
Due to a missing authorization check in SAP Business Analytics and SAP Content Management, an authenticated user could make unauthorized calls to certain remote function modules, potentially accessing sensitive information beyond their intended permissions. This vulnerability affects...
SAP Business Analytics和SAP Content Management 安全漏洞
SAP Business Analytics and SAP Content Management are both products of the German company SAP. SAP Business Analytics is a suite of enterprise data analysis and business intelligence solutions. SAP Content Management is an enterprise content storage and document management system. Both SAP Busine...
SAP Landscape Transformation 代码注入漏洞
SAP Landscape Transformation is a tool developed by SAP, a German company, for system data migration and integration. SAP Landscape Transformation has a code injection vulnerability; this vulnerability stems from vulnerabilities in the RFC-exposed function modules, which may allow for the injecti...
CVE-2026-24326
Due to a missing authorization check in the Disconnected Operations of the SAP S/4HANA Defense & Security, an attacker with user privileges could call remote-enabled function modules to do direct update on standard SAP database table . This results in low impact on integrity, with no impact on...
CVE-2026-24326
Due to a missing authorization check in the Disconnected Operations of the SAP S/4HANA Defense & Security, an attacker with user privileges could call remote-enabled function modules to do direct update on standard SAP database table . This results in low impact on integrity, with no impact on...
CVE-2026-24326 Missing authorization check in SAP S/4HANA Defense & Security (Disconnected Operations)
Due to a missing authorization check in the Disconnected Operations of the SAP S/4HANA Defense & Security, an attacker with user privileges could call remote-enabled function modules to do direct update on standard SAP database table . This results in low impact on integrity, with no impact on...
CVE-2026-24326 Missing authorization check in SAP S/4HANA Defense & Security (Disconnected Operations)
Due to a missing authorization check in the Disconnected Operations of the SAP S/4HANA Defense & Security, an attacker with user privileges could call remote-enabled function modules to do direct update on standard SAP database table . This results in low impact on integrity, with no impact on...
CVE-2026-23681 Missing Authorization check in a function module in SAP Support Tools Plug-In
Due to missing authorization check in a function module in SAP Support Tools Plug-In, an authenticated attacker could invoke specific function modules to retrieve information about the system and its configuration. This disclosure of the system information could assist the attacker to plan...
CVE-2026-23681
CVE-2026-23681 affects SAP Support Tools Plug-In where a missing authorization check in a function module allows an authenticated attacker to invoke certain function modules and retrieve system and configuration information. The vulnerability risks only low confidentiality impact for the applicat...
EUVD-2016-4660
Malware in sbrugna...
EUVD-2025-20351
Malicious code in bioql PyPI...
SAP NetWeaver 安全漏洞
SAP NetWeaver is a set of integrated service-oriented application platforms from SAP, Germany. The platform primarily provides a development and runtime environment for SAP applications. A security vulnerability exists in SAP NetWeaver, which stems from a lack of authorization checks and allows...
CVE-2024-37180
Under certain conditions SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker to access remote-enabled function module with no further authorization which would otherwise be restricted, the function can be used to read non-sensitive information with low impact on...
CVE-2023-49587
SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network...
CVE-2025-30013
CVE-2025-30013 affects SAP ERP BW Business Content. It is an OS Command Injection vulnerability in certain function modules that, when run with elevated privileges, mishandles user input and allows execution of arbitrary OS commands. The underlying risk impacts confidentiality, integrity, and ava...
SAP NetWeaver AS ABAP Multiple Vulnerabilities
The remote SAP NetWeaver ABAP server may be affected by multiple vulnerabilies. - The ABAP Application Server of SAP NetWeaver as well as ABAP Platform does not check for authorization when a user executes some RFC function modules. This could lead to an attacker with basic user privileges to gai...
CVE-2025-0063
SAP NetWeaver AS ABAP and ABAP Platform does not check for authorization when a user executes some RFC function modules. This could lead to an attacker with basic user privileges to gain control over the data in Informix database, leading to complete compromise of confidentiality, integrity and...
SAP NetWeaver Application Server Information Disclosure Vulnerability
SAP NetWeaver Application Server is an application server from SAP, Germany. An information disclosure vulnerability exists in SAP NetWeaver Application Server, which arises from a vulnerability that allows an attacker to access remotely enabled function modules without further authorization unde...