Lucene search
K

14 matches found

Vulnrichment
Vulnrichment
added 2026/02/10 3:3 a.m.2 views

CVE-2026-24312 Missing authorization check in SAP Business Workflow

An erroneous authorization check in SAP Business Workflow leads to privilege escalation. An authenticated administrative user can bypass role restrictions by leveraging permissions from a less sensitive function to execute unauthorized, high-privilege actions. This has a high impact on data...

5.2CVSS5.6AI score0.0017EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2024-34988

Malicious code in bioql PyPI...

5CVSS5.5AI score0.00353EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-1488

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00324EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/23 11:35 a.m.5 views

CVE-2025-0058

In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a parameter in an otherwise legitimate resource request to view sensitive information that should otherwise be restricted. The attacker does not have the ability to modify the information or to make the...

6.5CVSS6.2AI score0.00324EPSS
Exploits0References1
OSV
OSV
added 2025/01/14 1:15 a.m.3 views

CVE-2025-0058

In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a parameter in an otherwise legitimate resource request to view sensitive information that should otherwise be restricted. The attacker does not have the ability to modify the information or to make the...

6.5CVSS5.8AI score0.00324EPSS
Exploits0References2
NVD
NVD
added 2025/01/14 1:15 a.m.8 views

CVE-2025-0058

In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a parameter in an otherwise legitimate resource request to view sensitive information that should otherwise be restricted. The attacker does not have the ability to modify the information or to make the...

6.5CVSS0.00324EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/01/14 12:8 a.m.10 views

CVE-2025-0058 Information Disclosure vulnerability in SAP Business Workflow and SAP Flexible Workflow

In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a parameter in an otherwise legitimate resource request to view sensitive information that should otherwise be restricted. The attacker does not have the ability to modify the information or to make the...

6.5CVSS6.2AI score0.00324EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/14 12:8 a.m.14 views

CVE-2025-0058 Information Disclosure vulnerability in SAP Business Workflow and SAP Flexible Workflow

In SAP Business Workflow and SAP Flexible Workflow, an authenticated attacker can manipulate a parameter in an otherwise legitimate resource request to view sensitive information that should otherwise be restricted. The attacker does not have the ability to modify the information or to make the...

6.5CVSS0.00324EPSS
Exploits0References2
CVE
CVE
added 2025/01/14 12:8 a.m.62 views

CVE-2025-0058

SAP Business Workflow and SAP Flexible Workflow are affected by CVE-2025-0058. An authenticated attacker can manipulate a parameter in a legitimate resource request to view sensitive information that should be restricted, without modifying the information or causing unavailability. The report cit...

6.5CVSS6.2AI score0.00324EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2024/07/19 12:0 a.m.4 views

SAP Business Workflow Information Disclosure Vulnerability

SAP Business Workflow is a key component for executing business processes from SAP Germany that allows users to design, implement and manage business processes, ensure process compliance and reduce the need for manual operations through automation. An information disclosure vulnerability exists i...

5CVSS6AI score0.00353EPSS
Exploits0References1
NVD
NVD
added 2024/07/09 5:15 a.m.18 views

CVE-2024-34689

WebFlow Services of SAP Business Workflow allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of th...

5CVSS0.00353EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/07/09 4:18 a.m.13 views

CVE-2024-34689 [CVE-2024-34689] Server-Side Request Forgery in SAP Business Workflow (WebFlow Services)

WebFlow Services of SAP Business Workflow allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of th...

5CVSS6.4AI score0.00353EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/09 4:18 a.m.22 views

CVE-2024-34689 [CVE-2024-34689] Server-Side Request Forgery in SAP Business Workflow (WebFlow Services)

WebFlow Services of SAP Business Workflow allows an authenticated attacker to enumerate accessible HTTP endpoints in the internal network by specially crafting HTTP requests. On successful exploitation this can result in information disclosure. It has no impact on integrity and availability of th...

5CVSS0.00353EPSS
Exploits0References2
CVE
CVE
added 2024/07/09 4:18 a.m.62 views

CVE-2024-34689

The CVE-2024-34689 issue affects SAP Business Workflow’s WebFlow Services. An authenticated attacker can enumerate HTTP endpoints accessible on the internal network by sending specially crafted HTTP requests, leading to information disclosure. The impact is limited to confidentiality (information...

5CVSS4.8AI score0.00353EPSS
Exploits0References2Affected Software2
Rows per page
Query Builder