Lucene search
+L

132 matches found

cnvd
cnvd
added 2025/03/14 12:0 a.m.6 views

SAP NetWeaver Application Server Information Disclosure Vulnerability

SAP NetWeaver Application Server is an application server from SAP, Germany. An information disclosure vulnerability exists in SAP NetWeaver Application Server ABAP, which can be exploited by an attacker with administrative or user directory privileges to disclose data and compromise program...

6CVSS6.3AI score0.00182EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/03/11 12:0 a.m.3 views

SAP NetWeaver Application Server 跨站脚本漏洞

SAP NetWeaver Application Server ABAP is an application server from SAP for running ABAP applications. A cross-site scripting vulnerability exists in SAP NetWeaver Application Server ABAP that originates from allowing malicious scripts to be executed within the application. An attacker can exploi...

6.1CVSS6.3AI score0.00243EPSS
Exploits0References5
bdu_fstec
bdu_fstec
added 2025/03/05 12:0 a.m.11 views

The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform, related to inconsistencies in responses to incoming requests, allows attackers to gain unauthorized access to protected information.

The vulnerability of the SAP NetWeaver Application Server ABAP software integration platform is related to inconsistencies in the responses to incoming requests. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.3CVSS5.5AI score0.00337EPSS
Exploits0References3
cnvd
cnvd
added 2025/02/19 12:0 a.m.12 views

SAP NetWeaver Application Server Java Cross-Site Scripting Vulnerability

SAP NetWeaver Application Server Java is a German SAP SAP company provides a Java runtime environment of the application server. The product is mainly used to develop and run Java EE applications. A cross-site scripting vulnerability exists in SAP NetWeaver Application Server Java, which can be...

6.5CVSS5.9AI score0.00519EPSS
Exploits1References1
vulnrichment
vulnrichment
added 2025/02/11 12:32 a.m.9 views

CVE-2025-0054 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server Java

SAP NetWeaver Application Server Java does not sufficiently handle user input, resulting in a stored cross-site scripting vulnerability. The application allows attackers with basic user privileges to store a Javascript payload on the server, which could be later executed in the victim's web...

5.4CVSS5AI score0.00264EPSS
Exploits1References2
bdu_fstec
bdu_fstec
added 2025/01/20 12:0 a.m.7 views

The vulnerability of SAP NetWeaver Application Server ABAP and ABAP Platform software integration platforms, related to information leakage in error messages, allows attackers to gain unauthorized access to protected information.

The vulnerability of SAP NetWeaver Application Server ABAP and ABAP Platform software integration platforms is related to the leakage of information in error messages. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

5.3CVSS5.4AI score0.00325EPSS
Exploits0References4
cve
cve
added 2025/01/14 12:9 a.m.60 views

CVE-2025-0059

SAP NetWeaver AS ABAP is affected by CVE-2025-0059, describing an information-disclosure vulnerability where applications based on SAP GUI for HTML store user input in local browser storage. An attacker with OS-level access or high-privilege/admin rights can read this data, with disclosure rangin...

6CVSS5.8AI score0.00182EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2025/01/14 12:0 a.m.10 views

PT-2025-1184 · Sap · Sap Netweaver Application Server For Abap/Abap Platform

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server for ABAP and ABAP Platform affected versions not specified Description: The issue is related to information disclosure in error messages. An attacker, acting remotely, could gain unauthorized access to protect...

5.3CVSS7AI score0.00325EPSS
Exploits0References9
ptsecurity
ptsecurity
added 2025/01/13 12:0 a.m.4 views

PT-2025-1203 · Sap · Sap Netweaver Application Server Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server ABAP affected versions not specified Description: The issue concerns applications based on SAP GUI for HTML in SAP NetWeaver Application Server ABAP, which store user input in the local browser storage to...

6CVSS6.4AI score0.00182EPSS
Exploits0References8
cnnvd
cnnvd
added 2025/01/13 12:0 a.m.7 views

SAP NetWeaver Application Server Java 安全漏洞

SAP NetWeaver Application Server Java is an application server from SAP. An authorization issue vulnerability exists in SAP NetWeaver Application Server Java, which arises from the program not properly checking the authorization of the service endpoint, no details of the vulnerability are availab...

6.3CVSS6.8AI score0.00248EPSS
Exploits0References1
cnnvd
cnnvd
added 2025/01/13 12:0 a.m.12 views

SAP NetWeaver Application Server 安全漏洞

SAP Netweaver Application Server ABAP is a core component of the SAP system, responsible for business processing and data interaction. An information disclosure vulnerability exists in SAP Netweaver Application Server ABAP, which stems from failure to perform required authorization checks and can...

4.3CVSS6.4AI score0.00261EPSS
Exploits0References1
cnnvd
cnnvd
added 2024/11/12 12:0 a.m.2 views

SAP NetWeaver Application Server和SAP ABAP Platform 安全漏洞

SAP NetWeaver Application Server and SAP ABAP Platform are both products of SAP, Germany.SAP NetWeaver Application Server is an application server.SAP ABAP Platform is an ABAP based SAP ABAP Platform is an ABAP-based SAP solution. A security vulnerability exists in SAP NetWeaver Application Serve...

4.3CVSS6.6AI score0.00388EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/11/12 12:0 a.m.2 views

SAP NetWeaver AS 安全漏洞

SAP NetWeaver AS is an SAP web application server from SAP, Germany. It not only provides web services, but also serves as the basic platform for SAP software. A security vulnerability exists in SAP NetWeaver AS version 7.5, which stems from a lack of authorization checking and allows unauthorize...

6.5CVSS6.5AI score0.0026EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/11/12 12:0 a.m.6 views

SAP NetWeaver AS 安全漏洞

SAP NetWeaver AS is an SAP web application server from SAP, Germany. It not only provides web services, but also serves as the basic platform for SAP software. A security vulnerability exists in SAP NetWeaver AS version 7.5 that originates from a vulnerability that allows an unauthenticated...

5.3CVSS6.7AI score0.00298EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/09/10 4:29 a.m.13 views

CVE-2024-45279 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server for ABAP (CRM Blueprint Application Builder Panel)

Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim'...

6.1CVSS6.8AI score0.00255EPSS
Exploits0References2
cvelist
cvelist
added 2024/09/10 4:29 a.m.18 views

CVE-2024-45279 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server for ABAP (CRM Blueprint Application Builder Panel)

Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim'...

6.1CVSS0.00255EPSS
Exploits0References2
cvelist
cvelist
added 2024/09/10 4:0 a.m.31 views

CVE-2024-41728 Missing Authorization check in SAP NetWeaver Application Server for ABAP and ABAP Platform

Due to missing authorization check, SAP NetWeaver Application Server for ABAP and ABAP Platform allows an attacker logged in as a developer to read objects contained in a package. This causes an impact on confidentiality, as this attacker would otherwise not have access to view these objects...

2.7CVSS0.00288EPSS
Exploits0References2
cnnvd
cnnvd
added 2024/09/10 12:0 a.m.5 views

SAP NetWeaver Application Server 安全漏洞

SAP NetWeaver Application Server is an application server from SAP, Germany. A security vulnerability exists in SAP NetWeaver Application Server that stems from an RFC-enabled function module that allows a low-privileged user to add URLs to any user's workplace favorites...

4.3CVSS6.5AI score0.0025EPSS
Exploits0References4
cnnvd
cnnvd
added 2024/09/10 12:0 a.m.5 views

SAP NetWeaver Application Server 安全漏洞

SAP NetWeaver Application Server is an application server from SAP, Germany. A security vulnerability exists in SAP NetWeaver Application Server that stems from an RFC-enabled function module that allows a less-privileged user to perform a denial of service to any user and also to change or delet...

5.4CVSS6.4AI score0.00306EPSS
Exploits0References4
cnnvd
cnnvd
added 2024/09/10 12:0 a.m.4 views

SAP NetWeaver Application Server 安全漏洞

SAP NetWeaver Application Server is an application server from SAP, Germany. A security vulnerability exists in SAP NetWeaver Application Server that stems from an RFC-enabled function module that allows a low-privileged user to delete any user's workplace favorites...

5.4CVSS6.5AI score0.00284EPSS
Exploits0References4
Rows per page
Query Builder