16 matches found
EUVD-2013-1629
Malware in sbrugna...
EUVD-2017-15065
Malware in sbrugna...
EUVD-2023-41378
Malicious code in bioql PyPI...
CVE-2023-37491
The ACL (Access Control List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, RNL64UC 7.22, RNL64UC 7.22EXT, RNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22EXT, can be bypassed in certain conditions, which may enable an authenticated malicious user to enter the...
Online Security Guards Hiring System Cross-Site Scripting Vulnerability (CNVD-2023-64633)
Online Security Guards Hiring System is an online security guard hiring system. A security vulnerability exists in Online Security Guards Hiring System version v.1.0. The vulnerability can be exploited by an attacker to perform cross-site scripting attacks...
Hospital Management System SQL Injection Vulnerability (CNVD-2023-64634)
A Hospital Management System (HMS) is a computerized system that helps manage healthcare-related information and helps healthcare providers do their jobs effectively. Hospital Management System version 1.0 suffers from a SQL injection vulnerability that stems from the fact that incorrect manipulati...
CVE-2023-37491 Improper Authorization check vulnerability in SAP Message Server
The ACL (Access Control List) of SAP Message Server - versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, RNL64UC 7.22, RNL64UC 7.22EXT, RNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22EXT, can be bypassed in certain conditions, which may enable an authenticated malicious user to enter the...
PT-2023-4246 · Sap · Sap Message Server
Name of the Vulnerable Software and Affected Versions: SAP Message Server versions KERNEL 7.22, KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, RNL64UC 7.22, RNL64UC 7.22EXT, RNL64UC 7.53, KRNL64NUC 7.22, KRNL64NUC 7.22EXT. Description: The issue is related to the Access Control List (ACL) of the SAP Message...
CVE-2013-1593
A Denial of Service vulnerability exists in the WRITEC function in the msgserver.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN...
SAP Gateway Remote Command Execution
Added: 05/07/2019. Background: SAP Gateway is a development framework, which allows non-SAP applications to communicate with SAP applications. Problem: SAP Gateway behavior depends on two parameters, aclmode and simmode. If SAP Gateway access control lists (ACLs) are configured aclmode=0, anonymous...
New Exploits for Unsecure SAP Systems
Summary: The Cybersecurity and Infrastructure Security Agency (CISA) is issuing this activity alert in response to recently disclosed exploits that target unsecure configurations of SAP components. [1] Technical Details: A presentation at the April 2019 Operation for Community Development and Empowerme...
CVE-2017-5997
The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remote attackers to cause a denial of service (memory consumption and process crash) via multiple msgserver/group?group= requests with a crafted size of the group parameter, aka SAP Security Note 2358972...
SAP Message Server Denial of Service Vulnerability
SAP Message Server is responsible for communication between application servers. A denial of service vulnerability exists in SAP Message Server. An attacker could exploit the vulnerability to cause a denial of service condition...
SAP Message Server Group Parameter Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/24765/info SAP Message Server is prone to a remote heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data before copying it to an insufficiently...
Heap overflow
Heap-based buffer overflow in the Message HTTP Server in SAP Message Server allows remote attackers to execute arbitrary code via a long string in the group parameter to /msgserver/html/group...
CVE-2007-3624
Heap-based buffer overflow in the Message HTTP Server in SAP Message Server allows remote attackers to execute arbitrary code via a long string in the group parameter to /msgserver/html/group...