75 matches found
CVE-2026-40136
Technical details are not publicly available in the provided documents; no affected versions, vectors, or mitigations are specified. Monitor for updates to SAP Financial Consolidation CVE-2026-40136.
CVE-2026-40136 Denial of service (DoS) in SAP Financial Consolidation
SAP Financial Consolidation allows an authenticated attacker to disconnect other users by terminating their sessions temporarily preventing access. However, the application itself cannot be compromised resulting in a low impact on availability. There is no impact on confidentiality and integrity ...
PT-2026-39929
SAP Financial Consolidation allows an authenticated attacker to disconnect other users by terminating their sessions temporarily preventing access. However, the application itself cannot be compromised resulting in a low impact on availability. There is no impact on confidentiality and integrity ...
CVE-2022-31595
SAP Financial Consolidation - version 1010,�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges...
CVE-2022-26104
SAP Financial Consolidation - version 10.1, does not perform necessary authorization checks for updating homepage messages, resulting for an unauthorized user to alter the maintenance system message...
EUVD-2019-1143
Malware in sbrugna...
EUVD-2018-14354
Malware in sbrugna...
EUVD-2019-1142
Malware in sbrugna...
EUVD-2022-44469
Malicious code in bioql PyPI...
EUVD-2022-44467
Malicious code in bioql PyPI...
EUVD-2024-36484
Malicious code in bioql PyPI...
EUVD-2022-53049
Malicious code in bioql PyPI...
EUVD-2022-30672
Malicious code in bioql PyPI...
EUVD-2022-44449
Malicious code in bioql PyPI...
The vulnerability of the SAP Financial Consolidation web application lies in the storage of confidential information within a mechanism with no access control. This allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the SAP Financial Consolidation web application relates to the storage of confidential information within a mechanism without access control. Exploiting this vulnerability could allow an attacker operating remotely to compromise the confidentiality, integrity, and accessibili...
CVE-2022-41258
Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker to inject malicious script when running a common query in the Web Administration Console. On successful exploitation, an attacker can view or modify information causing a limited...
CVE-2022-41260
SAP Financial Consolidation - version 1010, does not sufficiently encode user-controlled input which may allow an unauthenticated attacker to inject a web script via a GET request. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality a...
CVE-2022-41208
Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker with user privileges to alter current user session. On successful exploitation, the attacker can view or modify information, causing a limited impact on confidentiality and integrity...
CVE-2019-0370
Due to missing input validation, SAP Financial Consolidation, before versions 10.0 and 10.1, enables an attacker to use crafted input to interfere with the structure of the surrounding query leading to XPath Injection...
CVE-2019-0369
SAP Financial Consolidation, before versions 10.0 and 10.1, does not sufficiently encode user-controlled inputs, which allows an attacker to execute scripts by uploading files containing malicious scripts, leading to reflected cross site scripting vulnerability...