8 matches found
EUVD-2011-4625
Malware in sbrugna...
CVE-2025-27437 Missing Authorization check in SAP NetWeaver Application Server ABAP (Virus Scan Interface)
A Missing Authorization Check vulnerability exists in the Virus Scanner Interface of SAP NetWeaver Application Server ABAP. Because of this, an attacker authenticated as a non-administrative user can initiate a transaction, allowing them to access but not modify non-sensitive data without further...
CVE-2025-27437 Missing Authorization check in SAP NetWeaver Application Server ABAP (Virus Scan Interface)
A Missing Authorization Check vulnerability exists in the Virus Scanner Interface of SAP NetWeaver Application Server ABAP. Because of this, an attacker authenticated as a non-administrative user can initiate a transaction, allowing them to access but not modify non-sensitive data without further...
CVE-2025-27437
CVE-2025-27437 affects SAP NetWeaver Application Server ABAP, specifically the Virus Scanner Interface. The vulnerability is a missing authorization check that allows an attacker authenticated as a non-administrative user to initiate a transaction and access but not modify non-sensitive data, wit...
The vulnerability of the SAP NetWeaver Virus Scan Interface (NW-VSI) programming integration platform for SAP NetWeaver Application Server ABAP and ABAP Platform allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of the SAP NetWeaver Virus Scan Interface NW-VSI software integration platform for SAP NetWeaver Application Server ABAP and ABAP Platform is related to a flaw in the data protection mechanism. Exploiting this vulnerability allows an attacker to compromise the confidentiality,...
The vulnerability of Trend Micro’s Virus Scan API (VSAPI) and Advanced Threat Scan Engine (ATSE) lies in improper resource cleanup or release mechanisms. This allows attackers to cause the software to crash or fail to perform its functions.
The vulnerability of Trend Micro’s Virus Scan API VSAPI and Advanced Threat Scan Engine ATSE lies in improper resource cleanup or release. Exploiting this vulnerability can allow an attacker to cause the software to crash or experience service failures due to a specially created file...
Vulnerability fixed in Trend Micro products
Trend Micro has fixed a vulnerability in products that use the Virus Scan API VSAPI and/or the Advanced Threat Scan Engine ATSE. The vulnerability allows an unauthenticated remote malicious party capable of causing a denial-of-service cause. Trend Micro has released updates for numerous products ...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the Virus Scan Interface in SAP Netweaver allow remote attackers to inject arbitrary web script or HTML via the 1 instname parameter to the VsiTestScan servlet and 2 name parameter to the VsiTestServlet servlet...