Lucene search
K

5 matches found

Vulnrichment
Vulnrichment
added 2026/06/09 12:21 a.m.8 views

CVE-2026-44751 Missing Authorization check in Application Server ABAP of SAP NetWeaver and ABAP Platform

Application server ABAP does not perform necessary authorization checks for an authenticated user allowing an attacker to execute a report generation command which could overwrite information belonging to another user, resulting in escalation of privileges. This has high impact on integrity with...

7.1CVSS5.6AI score0.00207EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 2:21 a.m.60 views

CVE-2026-40136 Denial of service (DoS) in SAP Financial Consolidation

SAP Financial Consolidation allows an authenticated attacker to disconnect other users by terminating their sessions temporarily preventing access. However, the application itself cannot be compromised resulting in a low impact on availability. There is no impact on confidentiality and integrity ...

4.3CVSS0.0029EPSS
Exploits0References2
NVD
NVD
added 2026/03/18 8:16 a.m.10 views

CVE-2026-22323

A CSRF vulnerability in the Link Aggregation configuration interface allows an unauthenticated remote attacker to trick authenticated users into sending unauthorized POST requests to the device by luring them to a malicious webpage. This can silently alter the device’s configuration without the...

7.1CVSS0.00178EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/14 12:0 a.m.7 views

PT-2025-41837

Name of the Vulnerable Software and Affected Versions SAP NetWeaver AS ABAP and ABAP Platform affected versions not specified Description A memory corruption issue exists in SAP NetWeaver AS ABAP and ABAP Platform. An unauthenticated attacker can exploit this by sending a corrupted SAP Logon Tick...

5.3CVSS6.5AI score0.00353EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/08/12 2:9 a.m.8 views

CVE-2025-42955 Missing authorization check in SAP Cloud Connector

Due to a missing authorization check in SAP Cloud Connector, an attacker on an adjacent network with low privileges could send a crafted request to the endpoint responsible for testing LDAP connections. A successful exploit could lead to reduced performance, hence a low-impact on availability of...

3.5CVSS0.00401EPSS
Exploits0References2
Rows per page
Query Builder