17 matches found
CVE-2025-42899
SAP S4CORE Manage journal entries does not perform necessary authorization checks for an authenticated user resulting in escalation of privileges. This has low impact on confidentiality of the application with no impact on integrity and availability of the application...
CVE-2025-42899
SAP S4CORE Manage journal entries does not perform necessary authorization checks for an authenticated user resulting in escalation of privileges. This has low impact on confidentiality of the application with no impact on integrity and availability of the application...
PT-2025-46237
Name of the Vulnerable Software and Affected Versions SAP S4CORE affected versions not specified Description The software does not perform required authorization checks for authenticated users when managing journal entries, potentially allowing for privilege escalation. The issue has a low impact...
EUVD-2025-14347
Malicious code in bioql PyPI...
EUVD-2025-10092
Malicious code in bioql PyPI...
SAP S4CORE Information Disclosure Vulnerability
SAP S4CORE is an application for managing procurement contracts from SAP. SAP S4CORE suffers from an information disclosure vulnerability that stems from a lack of authorization checks, which can be exploited by an attacker to cause information disclosure...
CVE-2025-43002
SAP S4CORE OData meta-data property allows an authenticated attacker to access restricted information due to missing authorization check. This could cause a low impact on confidentiality but integrity and availability of the application are not impacted...
CVE-2025-43002
SAP S4CORE OData meta-data property allows an authenticated attacker to access restricted information due to missing authorization check. This could cause a low impact on confidentiality but integrity and availability of the application are not impacted...
PT-2025-20814 · Sap · Sap S4Core
Name of the Vulnerable Software and Affected Versions: SAP S4CORE affected versions not specified Description: The issue allows an authenticated attacker to access restricted information due to a missing authorization check in the OData meta-data property. This could cause a low impact on...
CVE-2025-31333
SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...
CVE-2025-31333
SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...
CVE-2025-31333
The CVE-2025-31333 issue affects SAP S4CORE : an OData meta-data property vulnerability that could allow data tampering to externally modify an entity set, with low integrity impact and no impact to confidentiality or availability. Advisories note SAP has released patches to fix this and other SA...
CVE-2025-31333 Odata meta-data tampering in SAP S4CORE entity
SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...
CVE-2025-31333 Odata meta-data tampering in SAP S4CORE entity
SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...
SAP Portfolio and Project Management CVE-2019-0399 Information Disclosure Vulnerability
Description SAP Portfolio and Project Management is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected SAP Portfolio and Project Management SAP S4CORE 1.02 SAP S4CORE...
SAP Treasury and Risk Management CVE-2019-0383 Remote Authorization Bypass Vulnerability
Description SAP Treasury and Risk Management is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP EA-FINSERV 6.0 SAP EA-FINSERV 6.03 SAP EA-FINSE...
SAP Treasury and Risk Management CVE-2019-0384 Remote Authorization Bypass Vulnerability
Description SAP Treasury and Risk Management is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP EA-FINSERV 6.0 SAP EA-FINSERV 6.03 SAP EA-FINSE...