288 matches found
EUVD-2021-8749
Malicious code in bioql PyPI...
EUVD-2021-8755
Malicious code in bioql PyPI...
EUVD-2021-8743
Malicious code in bioql PyPI...
Security Bulletin: IBM Master Data Management is vulnerable to arbitrary code execution from vulnerability in WebSphere Application Server (CVE-2025-36038)
Summary IBM Master Data Management is vulnerable to arbitrary code execution by a vulnerability found in IBM WebSphere Application Server. IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially crafted sequence of...
The vulnerability of the ReadString function in the SAP MDM Server management server allows a perpetrator to cause a service failure.
The vulnerability of the ReadString function in the SAP MDM Server management server relates to the release of previously unallocated memory. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
SAP MDM Server 安全漏洞
SAP MDM Server is an MDM server from SAP, Germany. A security vulnerability exists in SAP MDM Server that stems from a memory read access violation triggered by the Read function when processing specially crafted packets, which could lead to an unexpected termination of the server process...
PT-2025-24597 · Sap · Sap Master Data Management Server
Name of the Vulnerable Software and Affected Versions: SAP Master Data Management Server affected versions not specified Description: The issue allows an attacker to gain control of existing client sessions and execute certain functions without having to re-authenticate. This gives the ability to...
SAP MDM Server 安全漏洞
SAP MDM Server is an MDM server from SAP, Germany. A security vulnerability exists in SAP MDM Server that stems from a flaw in the session control mechanism and could allow an attacker to perform non-sensitive operations or consume resources without re-authentication...
CVE-2021-21469
When security guidelines for SAP NetWeaver Master Data Management running on windows have not been thoroughly reviewed, it might be possible for an external operator to try and set custom paths in the MDS server configuration. When no adequate protection has been enforced on any level e.g., MDS...
CVE-2021-21475
Under specific circumstances SAP Master Data Management, versions - 710, 710.750, allows an unauthorized attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs. Due to this...
CVE-2021-21482
SAP NetWeaver Master Data Management, versions - 710, 710.750, allows a malicious unauthorized user with access to the MDM Server subnet to find the password using a brute force method. If successful, the attacker could obtain access to highly sensitive data and MDM administrative privileges...
SAP Supplier Relationship Management Cross-Site Scripting Vulnerability
SAP Supplier Relationship Management Master Data Management Catalog is a system for managing supplier relationships that provides master data management functionality. A cross-site scripting vulnerability exists in SAP Supplier Relationship Management Master Data Management Catalog that allows an...
SAP Supplier Relationship Management 跨站脚本漏洞
SAP Supplier Relationship Management Master Data Management Catalog is a system for managing supplier relationships that provides master data management functionality. A cross-site scripting vulnerability exists in SAP Supplier Relationship Management Master Data Management Catalog that allows an...
The vulnerability of the web interface of the IBM InfoSphere Master Data Management platform allows a perpetrator to carry out cross-site scripting attacks.
The vulnerability of the IBM InfoSphere Master Data Management data management interface is related to the lack of protective measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
Security Bulletin: IBM Master Data Management is vulnerable to an XXE attack from a vulnerability found in IBM WebSphere Application Server (CVE-2024-45072)
Summary IBM Master Data Management v11.6, v12.0, and v14.0 are vulnerable to an XXE attack from a vulnerability found in IBM WebSphere Application Server. IBM WebSphere Application Server is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A privileged user coul...
Security Bulletin: IBM Master Data Management is vulnerable to stored cross-site scripting from vulnerability found in IBM WebSphere Application Server (CVE-2024-45073)
Summary IBM Master Data Management Server 11.6, 12.0, and 14.0 are vulnerable from IBM WebSphere Application Server with vulnerability in stored cross-site scripting. IBM WebSphere Application Server 8.5 and 9.0 is vulnerable to stored cross-site scripting. This vulnerability allows a privileged...
Security Bulletin: IBM Master Data Managemenet is vulnerable to an XML injection for an XXE attack due to vulnerability found in IBM Websphere Application Server (CVE-2024-45086)
Summary IBM Master Data Managemenet v11.6, v12.0, and v14.0 are vulnerable to an XML injection attack due to vulnerability found in IBM Websphere Application Server.: IBM Master Data Managemenet is vulnerable to an XML injection attack due to vulnerability found in IBM Websphere Application Serve...
Security Bulletin: IBM Master Data Management vulnerable to denial of service due to IBM WebSphere Application Server under certain configurations (CVE-2024-45085)
Summary IBM Master Data Management 11.6 is vulnerable to a denial of service from a specailly crafted request through IBM WebSphere Application Server. IBM WebSphere Application Server is vulnerable to a denial of service, under certain configurations, caused by an unexpected specially crafted...
Security Bulletin: IBM Master Data Management is vulnerable to cross-site scripting from vulnerability found in IBM WebSphere Application Server (CVE-2024-45071)
Summary IBM Master Data Management version 11.6, 12.0, and 14.0 are impacted by this vulnerability. IBM WebSphere Application Server is vulnerable to stored cross-site scripting. This vulnerability allows a privileged user to embed arbitrary JavaScript code in the Web UI thus altering the intende...
CVE-2023-46187
IBM InfoSphere Master Data Management 11.6, 12.0, and 14.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session...