29 matches found
EUVD-2016-7703
Malware in sbrugna...
EUVD-2017-7865
Malware in sbrugna...
EUVD-2017-7868
Malware in sbrugna...
EUVD-2013-7127
Malware in sbrugna...
EUVD-2014-8502
Malware in sbrugna...
EUVD-2022-53443
Malicious code in bioql PyPI...
CVE-2025-42907
SAP BI Platform allows an attacker to modify the IP address of the LogonToken for the OpenDoc. On accessing the modified link in the browser a different server could get the ping request. This has low impact on integrity with no impact on confidentiality and availability of the system...
CVE-2014-8666
The User & Server configuration, InfoView refresh, user rights BI-BIP-ADM component in SAP Business Intellignece allows remote attackers to obtain audit event details via unspecified vectors...
CVE-2014-8665
The SAP Business Intelligence Development Workbench allows remote attackers to obtain sensitive information by reading unspecified files...
CVE-2024-32732
Under certain conditions SAP BusinessObjects Business Intelligence platform allows an attacker to access information which would otherwise be restricted.This has low impact on Confidentiality with no impact on Integrity and Availability of the application...
SAP BusinessObjects Business Intelligence 信息泄露漏洞
SAP BusinessObjects Business IntelligenceSuite is a suite of business intelligence software and enterprise performance solutions from SAP, Germany. The product features report generation, analytics and data visualization. An information disclosure vulnerability exists in SAP BusinessObjects...
CVE-2023-25616
CVE-2023-25616 affects SAP BusinessObjects BI Platform (CMC) versions 420 and 430 via a code injection vulnerability in the Program Object execution path. Root cause described as improper handling leading to code injection, enabling an attacker to access resources with extra privileges and potent...
PT-2022-21175 · Sap Se +1 · Sap Businessobjects Business Intelligence Platform +1
Name of the Vulnerable Software and Affected Versions: No specific software or versions mentioned. Description: The issue allows an attacker with high privilege access and authenticated as a CMS administrator to access and modify system data in the BOE Commentary database. This can be done under...
CVE-2020-6278
SAP Business Objects Business Intelligence Platform BI Launchpad and CMC, versions 4.1, 4.2, allows to an attacker to embed malicious scripts in the application while uploading images, which gets executed when the victim opens these files, leading to Stored Cross Site Scripting...
PT-2020-19038 · Sap · Sap Businessobjects Business Intelligence Platform
Name of the Vulnerable Software and Affected Versions: SAP Business Objects Business Intelligence Platform Live Data Connect versions 1.0 through 2.3 Description: The issue allows an attacker to logon to the Central Management Console without a password if the BIPRWS application server is not...
CVE-2020-6221
Web Intelligence HTML interface in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability...
CVE-2020-6237
SAP Business Objects Business Intelligence Platform Information Disclosure (CVE-2020-6237) affects version 4.1 and 4.2 via the dswsbobje web application, allowing access to restricted information under certain conditions. The vulnerability is described as an information disclosure issue; no concr...
The vulnerability of the BEx Web Java Runtime Export web service of the SAP Business Intelligence software integration platform allows a perpetrator to gain access to the file system or cause a service failure.
The vulnerability of the BEx Web Java Runtime Export Web Service application of the SAP Business Intelligence software integration platform is related to incorrect restrictions on XML references to external objects. Exploiting this vulnerability could allow a malicious actor to gain access to the...
CVE-2017-16681
Cross-Site Scripting XSS vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.30, as user controlled inputs are not sufficiently encoded...
CVE-2017-16684
SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity...