4561 matches found
CVE-2026-34257
Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the...
CVE-2026-27674
Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java Web Dynpro Java, an unauthenticated attacker could supply crafted input that is interpreted by the application and causes it to reference attacker-controlled content. If a victim accesses the affected functionality, th...
CVE-2026-34257 Open Redirect vulnerability in SAP NetWeaver Application Server ABAP
Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the...
EUVD-2026-22168
Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the...
CVE-2026-34257 Open Redirect vulnerability in SAP NetWeaver Application Server ABAP
Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the...
CVE-2026-34257
Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the...
CVE-2026-34257
CVE-2026-34257 is an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP. The issue allows an unauthenticated attacker to supply a crafted URL that could redirect a victim to a attacker-controlled page. According to the provided documents, the impact is described as low for confi...
CVE-2026-27674
An unauthenticated code injection flaw in SAP NetWeaver Application Server Java (Web Dynpro Java) could allow a crafted input to cause the application to reference attacker‑controlled content, leading to execution of client‑side code in the victim’s browser and potential session compromise. Affec...
CVE-2026-27674
Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java Web Dynpro Java, an unauthenticated attacker could supply crafted input that is interpreted by the application and causes it to reference attacker-controlled content. If a victim accesses the affected functionality, th...
EUVD-2026-22146
Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java Web Dynpro Java, an unauthenticated attacker could supply crafted input that is interpreted by the application and causes it to reference attacker-controlled content. If a victim accesses the affected functionality, th...
CVE-2026-27674 Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java)
Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java Web Dynpro Java, an unauthenticated attacker could supply crafted input that is interpreted by the application and causes it to reference attacker-controlled content. If a victim accesses the affected functionality, th...
CVE-2026-27674 Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java)
Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java Web Dynpro Java, an unauthenticated attacker could supply crafted input that is interpreted by the application and causes it to reference attacker-controlled content. If a victim accesses the affected functionality, th...
SAP NetWeaver Application Server Java 代码注入漏洞
SAP NetWeaver Application Server Java is an application server provided by the German company SAP, which offers a Java runtime environment. This product is primarily used for developing and running Java EE applications. SAP NetWeaver Application Server Java has a code injection vulnerability; thi...
PT-2026-32554
Name of the Vulnerable Software and Affected Versions SAP NetWeaver Application Server Java Web Dynpro Java affected versions not specified Description A code injection issue in the Web Dynpro Java component allows an unauthenticated attacker to provide crafted input that the application interpre...
PT-2026-32567
Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the page controlled by the attacker. This causes low impact on confidentiality and integrity of the...
SAP NetWeaver Application Server ABAP 输入验证错误漏洞
SAP NetWeaver Application Server ABAP is a platform used by SAP, a German company, for the operation and development of applications written in the ABAP language. There is an input validation vulnerability in SAP NetWeaver Application Server ABAP. This vulnerability stems from an open redirection...
SAP NetWeaver AS ABAP Missing Authorization Check (3703856)
The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by a missing authorization check vulnerability as referenced in the SAP Security Patch Day March 2026: - Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated...
SAP NetWeaver AS ABAP Missing Authorization Check (3694383)
The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by a missing authorization check vulnerability as referenced in the SAP Security Patch Day March 2026: - Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated...
Vulnerabilities fixed in SAP products
SAP has fixed vulnerabilities in several products, including SAP Quotation Management Insurance and SAP NetWeaver. Some of the fixed vulnerabilities are in third-party products - such as Oracle - that are incorporated into SAP products. The vulnerabilities include a code injection flaw, missing...
SAP Netweaver Visual Composer Unrestricted File Upload (3084487)
SAP NetWeaver Visual Composer 7.0 RT versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with the privilege of th...