25 matches found
EUVD-2019-17283
Malware in sbrugna...
EUVD-2024-32699
Malicious code in bioql PyPI...
EUVD-2024-41414
Malicious code in bioql PyPI...
CVE-2024-45282
Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations...
CVE-2024-4138
Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can enable/disable the sharing rule of other users affecting the integrity of the application...
CVE-2025-27433
The Manage Bank Statements in SAP S/4HANA allows authenticated attacker to bypass certain functionality restrictions of the application and upload files to a reversed bank statement. This vulnerability has a low impact on the application's integrity, with no effect on confidentiality and...
CVE-2025-27436
CVE-2025-27436 affects SAP S/4HANA: Manage Bank Statements allows an authenticated user to delete the attachment of a posted bank statement due to missing access-control checks. Impact is low on integrity with no confidentiality or availability impact. Root cause described as insufficient authori...
SAP S/4HANA 安全漏洞
SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP, Germany. A security vulnerability exists in SAP S/4HANA that stems from bypassing a functionality restriction that could result in uploading files to a reverse bank statement...
CVE-2024-45282
Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations...
CVE-2024-45282
Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations...
PT-2024-7173 · Sap · Sap S/4Hana
Name of the Vulnerable Software and Affected Versions: SAP S/4HANA affected versions not specified Description: The issue is related to the Manage Bank Statement Handler component of the SAP S/4HANA platform. It is caused by the lack of a mechanism to prevent unintended changes to resources when...
CVE-2024-4139
Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can delete rules of other users affecting the integrity of the application. Confidentiality and...
CVE-2024-4138 Missing Authorization Checks in SAP S/4 HANA (Manage Bank Statement Reprocessing Rules)
Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can enable/disable the sharing rule of other users affecting the integrity of the application...
CVE-2024-4138 Missing Authorization Checks in SAP S/4 HANA (Manage Bank Statement Reprocessing Rules)
Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can enable/disable the sharing rule of other users affecting the integrity of the application...
CVE-2024-4139
Brings CVE-2024-4139: SAP S/4HANA Manage Bank Statement ReProcessing Rules suffers from missing authorization checks for authenticated users, enabling privilege escalation. Affected component is the rule management module; attacker can delete other users’ rules, compromising integrity. Confidenti...
CVE-2024-4139 Missing Authorization Checks in SAP S/4 HANA (Manage Bank Statement Reprocessing Rules)
Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can delete rules of other users affecting the integrity of the application. Confidentiality and...
CVE-2024-4139 Missing Authorization Checks in SAP S/4 HANA (Manage Bank Statement Reprocessing Rules)
Manage Bank Statement ReProcessing Rules does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. By exploiting this vulnerability, an attacker can delete rules of other users affecting the integrity of the application. Confidentiality and...
PT-2024-29385 · Unknown · Manage Bank Statement Reprocessing Rules
Name of the Vulnerable Software and Affected Versions: Manage Bank Statement ReProcessing Rules affected versions not specified Description: The issue is related to insufficient authorization checks for authenticated users, leading to potential escalation of privileges. An attacker can exploit th...
CVE-2019-7755
In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection...
CVE-2019-7755
In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection...