191 matches found
SAP Adaptive Server Enterprise Elevation of Privilege Vulnerability
SAP Adaptive Server Enterprise ASE is a relational database server from SAP, Germany. An elevation of privilege vulnerability exists in SAP Adaptive Server Enterprise. The vulnerability stems from an incorrect programmatic call to an advanced local procedure. An attacker could use the vulnerabili...
SAP Adaptive Server Enterprise 安全漏洞
SAP Adaptive Server Enterprise ASE is a relational database server from SAP, Germany. An elevation of privilege vulnerability exists in SAP Adaptive Server Enterprise. The vulnerability stems from an incorrect programmatic call to an advanced local procedure. An attacker could use the vulnerabili...
CVE-2022-22528
SAP Adaptive Server Enterprise ASE - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to execute malicious Windows binaries which may lead to privilege escalation on the local system. The...
CVE-2022-22528
SAP Adaptive Server Enterprise ASE - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to execute malicious Windows binaries which may lead to privilege escalation on the local system. The...
CVE-2022-22528
SAP Adaptive Server Enterprise ASE - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to execute malicious Windows binaries which may lead to privilege escalation on the local system. The...
CVE-2022-22528
CVE-2022-22528 affects SAP Adaptive Server Enterprise (ASE) version 16.0 on Windows, where the installer writes an entry to the system PATH. Under certain conditions this can allow a Standard User to execute malicious Windows binaries, enabling local privilege escalation. The issue is tied to the...
CVE-2022-22528
SAP Adaptive Server Enterprise ASE - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to execute malicious Windows binaries which may lead to privilege escalation on the local system. The...
SAP 3D Visual Enterprise Viewer 输入验证错误漏洞
SAP 3D Visual Enterprise Viewer is a 3D view viewer from SAP, Germany. The software supports publishing of 2D and 3D scenes in all industry-standard desktop applications and supports separate installations with standalone executables and ActiveX space. An input validation error vulnerability exis...
SAP Adaptive Server Enterprise 代码问题漏洞
SAP Adaptive Server Enterprise ASE is a relational database server from SAP, Germany. A code issue vulnerability exists in SAP Adaptive Server Enterprise, which can be exploited by attackers to compromise vulnerable systems, including Business Objects, SAP CRM Web Channel, SAP CRM, SAP ERP,...
SAP NetWeaver AS SQL注入漏洞
SAP NetWeaver AS is a SAP network application server from SAP. It not only provides network services, but also the basic platform for SAP software. SAP NetWeaver AS has a SQL injection vulnerability that can be exploited by attackers to threaten vulnerable systems, including Business Objects, SAP...
The vulnerability of the Cockpit database component in Adaptive Server Enterprise, which allows a hacker to disclose protected information
The vulnerability of the Cockpit database component in Adaptive Server Enterprise is related to the lack of protection for operational data. Exploiting this vulnerability can allow an attacker to disclose the protected information...
SAP Adaptive Server Enterprise Information Disclosure Vulnerability (CNVD-2020-74929)
SAP Adaptive Server Enterprise ASE is a relational database server from SAP, Germany. An information disclosure vulnerability exists in SAP Adaptive Server Enterprise. The vulnerability allows an attacker with local access rights to access sensitive information that appears in installation log...
CVE-2020-6317
In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. This information although sensitive is of limited utility and cannot be used to further access, modify or...
CVE-2020-6317
In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. This information although sensitive is of limited utility and cannot be used to further access, modify or...
Design/Logic Flaw
In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. This information although sensitive is of limited utility and cannot be used to further access, modify or...
CVE-2020-6317
Technical details are not publicly available in the provided documents. Monitor for updates.
CVE-2020-6317
In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. This information although sensitive is of limited utility and cannot be used to further access, modify or...
SAP Adaptive Server Enterprise Information Disclosure Vulnerability (CNVD-2020-46790)
SAP Adaptive Server Enterprise ASE is a relational database server from SAP, Germany. An information disclosure vulnerability exists in SAP ASE version 16.0. An attacker could exploit the vulnerability to access encrypted sensitive information...
CVE-2020-6295
Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log files leading to a compromise of the installed Cockpit. This compromise could enable the attacker to...
CVE-2020-6295
Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log files leading to a compromise of the installed Cockpit. This compromise could enable the attacker to...