Lucene search
K

4561 matches found

NVD
NVD
added 2026/04/14 1:16 a.m.5 views

CVE-2026-34257

Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the...

6.1CVSS0.00155EPSS
Exploits0References2
NVD
NVD
added 2026/04/14 12:16 a.m.3 views

CVE-2026-27674

Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java Web Dynpro Java, an unauthenticated attacker could supply crafted input that is interpreted by the application and causes it to reference attacker-controlled content. If a victim accesses the affected functionality, th...

6.1CVSS0.00192EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/14 12:8 a.m.29 views

CVE-2026-34257 Open Redirect vulnerability in SAP NetWeaver Application Server ABAP

Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the...

6.1CVSS0.00155EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/14 12:8 a.m.10 views

EUVD-2026-22168

Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the...

6.1CVSS5.8AI score0.00155EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/14 12:8 a.m.3 views

CVE-2026-34257 Open Redirect vulnerability in SAP NetWeaver Application Server ABAP

Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the...

6.1CVSS5.8AI score0.00155EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/14 12:8 a.m.6 views

CVE-2026-34257

Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the...

6.1CVSS5.8AI score0.00155EPSS
Exploits0References3
CVE
CVE
added 2026/04/14 12:8 a.m.14 views

CVE-2026-34257

CVE-2026-34257 is an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP. The issue allows an unauthenticated attacker to supply a crafted URL that could redirect a victim to a attacker-controlled page. According to the provided documents, the impact is described as low for confi...

6.1CVSS5.8AI score0.00155EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/14 12:6 a.m.12 views

CVE-2026-27674

An unauthenticated code injection flaw in SAP NetWeaver Application Server Java (Web Dynpro Java) could allow a crafted input to cause the application to reference attacker‑controlled content, leading to execution of client‑side code in the victim’s browser and potential session compromise. Affec...

6.1CVSS6.1AI score0.00192EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/14 12:6 a.m.2 views

CVE-2026-27674

Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java Web Dynpro Java, an unauthenticated attacker could supply crafted input that is interpreted by the application and causes it to reference attacker-controlled content. If a victim accesses the affected functionality, th...

6.1CVSS6.1AI score0.00192EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/14 12:6 a.m.3 views

EUVD-2026-22146

Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java Web Dynpro Java, an unauthenticated attacker could supply crafted input that is interpreted by the application and causes it to reference attacker-controlled content. If a victim accesses the affected functionality, th...

6.1CVSS6.1AI score0.00192EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/14 12:6 a.m.25 views

CVE-2026-27674 Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java)

Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java Web Dynpro Java, an unauthenticated attacker could supply crafted input that is interpreted by the application and causes it to reference attacker-controlled content. If a victim accesses the affected functionality, th...

6.1CVSS0.00192EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/14 12:6 a.m.1 views

CVE-2026-27674 Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java)

Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java Web Dynpro Java, an unauthenticated attacker could supply crafted input that is interpreted by the application and causes it to reference attacker-controlled content. If a victim accesses the affected functionality, th...

6.1CVSS6.1AI score0.00192EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.9 views

SAP NetWeaver Application Server Java 代码注入漏洞

SAP NetWeaver Application Server Java is an application server provided by the German company SAP, which offers a Java runtime environment. This product is primarily used for developing and running Java EE applications. SAP NetWeaver Application Server Java has a code injection vulnerability; thi...

6.1CVSS6AI score0.00192EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.4 views

PT-2026-32554

Name of the Vulnerable Software and Affected Versions SAP NetWeaver Application Server Java Web Dynpro Java affected versions not specified Description A code injection issue in the Web Dynpro Java component allows an unauthenticated attacker to provide crafted input that the application interpre...

6.4CVSS5.8AI score0.00192EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.5 views

PT-2026-32567

Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the...

6.1CVSS5.8AI score0.00155EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/14 12:0 a.m.8 views

SAP NetWeaver Application Server ABAP 输入验证错误漏洞

SAP NetWeaver Application Server ABAP is a platform used by SAP, a German company, for the operation and development of applications written in the ABAP language. There is an input validation vulnerability in SAP NetWeaver Application Server ABAP. This vulnerability stems from an open redirection...

6.1CVSS5.8AI score0.00155EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/13 12:0 a.m.1 views

SAP NetWeaver AS ABAP Missing Authorization Check (3703856)

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by a missing authorization check vulnerability as referenced in the SAP Security Patch Day March 2026: - Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated...

6.4CVSS6AI score0.00205EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/13 12:0 a.m.4 views

SAP NetWeaver AS ABAP Missing Authorization Check (3694383)

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by a missing authorization check vulnerability as referenced in the SAP Security Patch Day March 2026: - Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated...

4.3CVSS5.9AI score0.00193EPSS
Exploits0References3
NCSC
NCSC
added 2026/03/12 7:24 a.m.5 views

Vulnerabilities fixed in SAP products

SAP has fixed vulnerabilities in several products, including SAP Quotation Management Insurance and SAP NetWeaver. Some of the fixed vulnerabilities are in third-party products - such as Oracle - that are incorporated into SAP products. The vulnerabilities include a code injection flaw, missing...

9.8CVSS5.9AI score0.6906EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2026/03/12 12:0 a.m.4 views

SAP Netweaver Visual Composer Unrestricted File Upload (3084487)

SAP NetWeaver Visual Composer 7.0 RT versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of th...

9.9CVSS7.3AI score0.37149EPSS
Exploits1References2
Rows per page
Query Builder