PT-2026-2327

Name of the Vulnerable Software and Affected Versions SAP Landscape Transformation affected versions not specified Description The software contains a flaw in a function module exposed via Remote Function Call RFC that allows an attacker with administrative privileges to inject arbitrary ABAP cod...

PT-2026-2334

Name of the Vulnerable Software and Affected Versions SAP S/4HANA Private Cloud and On-Premise affected versions not specified Description The software contains a flaw in a function module exposed via Remote Function Call RFC. An attacker with administrative privileges can exploit this to inject...

EUVD-2016-10632

Malware in sbrugna...

CVE-2025-42957

SAP S/4HANA allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as a backdoor, creating...

CVE-2025-42950 Code Injection Vulnerability in SAP Landscape Transformation (Analysis Platform)

SAP Landscape Transformation SLT allows an attacker with user privileges to exploit a vulnerability in the function module exposed via RFC. This flaw enables the injection of arbitrary ABAP code into the system, bypassing essential authorization checks. This vulnerability effectively functions as...

CVE-2016-9832

PricewaterhouseCoopers PwC ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to conduct ABAP injection attacks and execute arbitrary code via 1 SAPGUI or 2 Internet Communication Framework ICF over HTTP or HTTPS, as demonstrated by WEBGUI or Report...

CVE-2016-9832

PricewaterhouseCoopers PwC ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to conduct ABAP injection attacks and execute arbitrary code via 1 SAPGUI or 2 Internet Communication Framework ICF over HTTP or HTTPS, as demonstrated by WEBGUI or Report...

Design/Logic Flaw

PricewaterhouseCoopers PwC ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to conduct ABAP injection attacks and execute arbitrary code via 1 SAPGUI or 2 Internet Communication Framework ICF over HTTP or HTTPS, as demonstrated by WEBGUI or Report...

CVE-2016-9832

PricewaterhouseCoopers PwC ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to conduct ABAP injection attacks and execute arbitrary code via 1 SAPGUI or 2 Internet Communication Framework ICF over HTTP or HTTPS, as demonstrated by WEBGUI or Report...

CVE-2016-9832

CVE-2016-9832 involves PwC ACE-ABAP 8.10.304 for SAP Security. A remote authenticated attacker can perform ABAP injection via SAPGUI or Internet Communication Framework (ICF) over HTTP/HTTPS (WEBGUI or Report) to execute arbitrary code. CNVD/related records describe remote code execution and pote...

OpenText/IXOS ECM for SAP NetWeaver code exeution

ABAP code injection...