Lucene search
K

38 matches found

CNVD
CNVD
added 2024/02/19 12:0 a.m.7 views

SAP ABA Code Injection Vulnerability

SAP ABA Application Basis is an application transaction management system developed by SAP. A code injection vulnerability exists in the SAP ABA Application Basis interface, which can be exploited by a remote attacker to submit a special request that can be used to execute arbitrary code in the...

9.1CVSS7.9AI score0.01079EPSS
Exploits0References1
NVD
NVD
added 2024/02/13 3:15 a.m.30 views

CVE-2024-22131

In SAP ABA Application Basis - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75I, an attacker authenticated as a user with a remote execution authorization can use a vulnerable interface. This allows the attacker to use the interface to invoke an application function to perform actions...

9.1CVSS9.1AI score0.01079EPSS
Exploits0References2
Prion
Prion
added 2024/02/13 3:15 a.m.26 views

Authorization

In SAP ABA Application Basis - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75I, an attacker authenticated as a user with a remote execution authorization can use a vulnerable interface. This allows the attacker to use the interface to invoke an application function to perform actions...

5.8CVSS7AI score0.01079EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/02/13 2:30 a.m.23 views

CVE-2024-22131 Code Injection vulnerability in SAP ABA (Application Basis)

In SAP ABA Application Basis - versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75I, an attacker authenticated as a user with a remote execution authorization can use a vulnerable interface. This allows the attacker to use the interface to invoke an application function to perform actions...

9.1CVSS6.8AI score0.01079EPSS
Exploits0References2
CVE
CVE
added 2024/02/13 2:30 a.m.68 views

CVE-2024-22131

CVE-2024-22131 affects SAP ABA (Application Basis) across versions 700, 701, 702, 731, 740, 750, 751, 752, 75C, 75I. The issue enables an authenticated user with remote execution privileges to use a vulnerable interface to invoke application functions beyond normal permissions, potentially readin...

9.1CVSS8.9AI score0.01079EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2023/02/15 3:58 a.m.5 views

SUSE CVE-2020-14059

An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list...

6.3CVSS6.9AI score0.04408EPSS
Exploits0References10
Rapid7 Blog
Rapid7 Blog
added 2021/10/05 1:34 p.m.24 views

What's New in InsightIDR: Q3 2021 in Review

This post offers a closer look at some of the recent updates and releases in InsightIDR, our extended detection and response solution, from Q3 2021. Welcome IntSights to the Rapid7 Insight Platform family! As you may have seen in recent communications, Rapid7 acquired IntSights, a leading provide...

0.1AI score
Exploits0
Positive Technologies
Positive Technologies
added 2021/04/15 12:0 a.m.6 views

PT-2021-8278 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the locking mechanism in the Linux kernel, specifically in the queued write lock slowpath function. A reader can acquire the lock without holding the wait lock,...

7.8CVSS6.3AI score0.01549EPSS
Exploits5References906
Rapid7 Blog
Rapid7 Blog
added 2021/03/03 12:41 a.m.1861 views

Rapid7’s InsightIDR Enables Detection And Response to Microsoft Exchange Zero-Day

Starting February 27, 2021, Rapid7 has observed a notable increase in the exploitation of Microsoft Exchange through existing detections in InsightIDR’s Attacker Behavior Analytics ABA. The Managed Detection and Response MDR identified multiple, related compromises in the past 72 hours. In most...

7.5CVSS0.99999EPSS
Exploits73
Rapid7 Blog
Rapid7 Blog
added 2020/12/18 2:50 p.m.122 views

What’s New in InsightIDR: Q4 2020 in Review

Throughout the year, we’ve provided roundups of what’s new in InsightIDR, our cloud-based SIEM tool see the H1 recap post, and our most recent Q3 2020 recap post. As we near the end of 2020, we wanted to offer a closer look at some of the recent updates and releases in InsightIDR from Q4 2020...

7.2AI score
Exploits0
UbuntuCve
UbuntuCve
added 2020/06/30 7:15 p.m.23 views

CVE-2020-14059

An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list...

6.5CVSS6.7AI score0.04408EPSS
Exploits0References4
Cvelist
Cvelist
added 2020/06/30 6:23 p.m.32 views

CVE-2020-14059

An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list...

6.5AI score0.04408EPSS
Exploits0References3
CVE
CVE
added 2020/06/30 6:23 p.m.162 views

CVE-2020-14059

Squid 5.x prior to 5.0.3 is affected by CVE-2020-14059 due to an incorrect synchronization in the SMP cache, causing a Denial of Service via Ipc::Mem::PageStack::pop ABA during memory page/slot management. Affected component is the memory/page management list, with exploitation leading to a crash...

6.5CVSS6.4AI score0.04408EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2018/11/13 8:0 p.m.40 views

CVE-2018-2481

CVE-2018-2481 affects SAP_ABA components across SAP_ABA releases 7.00–7.02, 7.10–7.11, 7.30, 7.31, 7.40, 7.50 and 75C–75D. Description: a transaction code reserved for customers can be used to perform unauthorized transaction functionality by a malicious user, enabling elevation of privileges in ...

7.2CVSS7AI score0.01457EPSS
Exploits0References3Affected Software1
Openbugbounty
Openbugbounty
added 2018/01/08 1:37 p.m.10 views

aba-svc.jp XSS vulnerability

Open Bug Bounty ID: OBB-501151 Description| Value ---|--- Affected Website:| aba-svc.jp Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Disclosure...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/10/06 12:18 p.m.9 views

aba.insightcommerce.net XSS vulnerability

Vulnerable URL: http://aba.insightcommerce.net/?mainURL=javascript:alert/OPENBUGBOUNTY/ Details: Description| Value ---|--- Patched:| No Latest check for patch:| 04.01.2018 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated VIP website status:|...

6.3AI score
Exploits0
CNVD
CNVD
added 2017/08/25 12:0 a.m.3 views

SAP Netweaver ABA Workbench Tools Certification Bypass Vulnerability

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. An authentication bypass vulnerability exists in SAP Netweaver ABA Workbench Tools. An attacker could exploit th...

7AI score
Exploits0References1
CNVD
CNVD
added 2016/10/12 12:0 a.m.6 views

SAP Netweaver 2004s SAP_BASIS and SAP_ABA Component Message Forgery Vulnerability

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. An information forgery vulnerability exists in the SAPBASIS and SAPABA components in SAP Netweaver 2004s, version 7.00 SP Level 0031, which can be exploited by a remote attacker to forge an IP...

7.5CVSS6.7AI score0.01354EPSS
Exploits0References1
Rows per page
Query Builder