26 matches found
CVE-2026-45646 OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability
...
CVE-2026-45646 OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability
...
CVE-2026-50506 OData for ASP.NET and ASP.NET Core Denial of Service Vulnerability
...
CVE-2026-27677
Due to missing authorization checks in the SAP S/4HANA OData Service Manage Reference Equipment, an attacker could update and delete child entities via OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not...
CVE-2026-27676
Due to missing authorization checks in the SAP S/4HANA OData Service Manage Technical Object Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability results in a low impact on integrity, while confidentiality and...
CVE-2026-27679
CVE-2026-27679 affects the SAP S/4HANA frontend OData Service (Manage Reference Structures). Missing authorization checks allow an attacker to update and delete child entities via exposed OData services, impacting integrity (I: High) with no confidentiality or availability impact stated. CVSS v3....
CVE-2026-27679
Due to missing authorization checks in the SAP S/4HANA frontend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...
CVE-2026-27678 Missing Authorization check in SAP S/4HANA Backend OData Service (Manage Reference Structures)
Due to missing authorization checks in the SAP S/4HANA backend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...
EUVD-2026-22150
Due to missing authorization checks in the SAP S/4HANA backend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...
PT-2026-32557
Due to missing authorization checks in the SAP S/4HANA OData Service Manage Reference Equipment, an attacker could update and delete child entities via OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not...
PT-2026-32558
Due to missing authorization checks in the SAP S/4HANA backend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...
The vulnerability of the OData protocol implementation in SAP S4CORE Entity software allows unauthorized access to protected information.
The vulnerability of the OData protocol implementation in SAP S4CORE Entity software is related to deficiencies in displaying hidden user fields. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
SAP Just In Time 安全漏洞
SAP Just In Time is an application from SAP Germany designed to enable efficient demand-driven production and logistics throughout the supply chain. An elevation of privilege vulnerability exists in SAP Just In Time, which stems from the OData service not performing the necessary privilege checks...
PT-2025-6125 · Sap · Sap Fiori +1
Name of the Vulnerable Software and Affected Versions: SAP ERP affected versions not specified Description: The issue concerns the SAP OData endpoint in SAP Fiori for SAP ERP, where cached values could be poisoned by modifying the Host header value in an HTTP GET request. An attacker could alter...
CVE-2024-45282
Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations...
F5 BIG-IP SQL注入漏洞
F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. An OData injection vulnerability exists in F5 BIG-IP Next Central Manager, which can be exploited to send crafted SQL statemen...
Apache Olingo OData 4.0 - XML External Entity Injection Exploit
Exploit for java platform in category web applications Product: Apache Olingo OData 4.0 Vendor: Apache Foundation CSNC ID: CSNC-2009-025 CVE ID: CVE-2019-17554 Subject: XML External Entity Resolution XXE Risk: High Effect: Remotely exploitable Author: Archibald Haddock email protected Date:...
Apache Olingo Code Issue Vulnerability
Apache Olingo is a U.S. Apache Apache Software Foundation for the implementation of Open Data Protocol OData, Open Data Protocol Java library. A code issue vulnerability exists in Apache Olingo. An attacker could exploit this vulnerability to execute code or cause other harm...
Microsoft OData Denial of Service Vulnerability
Open Data Protocol Open Data Protocol, OData is a Web protocol for querying and updating data that provides a way to expose data that exists in an application, a standard initiated by Microsoft. A remote denial of service vulnerability exists in Microsoft OData. An attacker could exploit this...
CVE-2018-2465
SAP HANA versions 1.0 and 2.0 Extended Application Services classic model OData parser does not sufficiently validate XML. By exploiting, an unauthorized hacker can cause the database server to crash...