Lucene search
+L

116 matches found

Cvelist
Cvelist
added 2024/10/20 12:0 a.m.24 views

CVE-2024-10160 PHPGurukul Boat Booking System BW Dates Report Page bwdates-report-details.php sql injection

A vulnerability, which was classified as critical, has been found in PHPGurukul Boat Booking System 1.0. Affected by this issue is some unknown functionality of the file /admin/bwdates-report-details.php of the component BW Dates Report Page. The manipulation of the argument fdate/tdate leads to...

6.5CVSS0.00518EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2024/10/20 12:0 a.m.13 views

CVE-2024-10160 PHPGurukul Boat Booking System BW Dates Report Page bwdates-report-details.php sql injection

A vulnerability, which was classified as critical, has been found in PHPGurukul Boat Booking System 1.0. Affected by this issue is some unknown functionality of the file /admin/bwdates-report-details.php of the component BW Dates Report Page. The manipulation of the argument fdate/tdate leads to...

6.5CVSS7.5AI score0.00518EPSS
Exploits1References5
OSV
OSV
added 2024/09/27 1:15 p.m.10 views

UBUNTU-CVE-2024-46811

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index may exceed array range within fpuupdatebwboundingbox Why Coverity reports OVERRUN warning. soc.numstates could be 40. But array range of bwparams-clktable.entries is 8. How Assert if soc.numstates great...

7.8CVSS6.5AI score0.00246EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2024/08/21 12:6 a.m.39 views

CVE-2024-43879

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211calculatebitratehe Currently NL80211RATEINFOHERUALLOC2x996 is not handled in cfg80211calculatebitratehe, leading to below warning: kernel: invalid HE MCS: bw:6, ru:6 kernel:...

5.5CVSS5.7AI score0.00218EPSS
Exploits0
NVD
NVD
added 2024/06/11 3:15 a.m.20 views

CVE-2024-37176

SAP BW/4HANA Transformation and Data Transfer Process DTP allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks. This results in escalation of privileges. It has no impact on the confidentiality of data but may have low...

5.5CVSS0.00276EPSS
Exploits0References2
CVE
CVE
added 2024/06/11 2:14 a.m.53 views

CVE-2024-37176

CVE-2024-37176 concerns SAP BW/4HANA Transformation and Data Transfer Process (DTP). The connected sources describe an authentication-required path where improper authorization checks allow an attacker to elevate privileges within the SAP BW/4HANA DTP, with no impact to data confidentiality and l...

5.5CVSS5.8AI score0.00276EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/06/11 2:14 a.m.28 views

CVE-2024-37176 Missing Authorization check in SAP BW/4HANA Transformation and DTP

SAP BW/4HANA Transformation and Data Transfer Process DTP allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks. This results in escalation of privileges. It has no impact on the confidentiality of data but may have low...

5.5CVSS7.3AI score0.00276EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/11 2:14 a.m.29 views

CVE-2024-37176 Missing Authorization check in SAP BW/4HANA Transformation and DTP

SAP BW/4HANA Transformation and Data Transfer Process DTP allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks. This results in escalation of privileges. It has no impact on the confidentiality of data but may have low...

5.5CVSS0.00276EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/06/11 12:0 a.m.5 views

SAP BW/4HANA Security Vulnerabilities

SAP BW/4HANA is a packaged data warehouse based on SAP HANA from SAP, Germany. A security vulnerability exists in SAP BW/4HANA that stems from allowing authenticated attackers to gain a higher level of access than they deserve by exploiting improper authorization checks, which can lead to privile...

5.5CVSS6.8AI score0.00276EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/06/04 12:0 a.m.6 views

PT-2024-4584 · Sap · Sap Bw/4Hana

Name of the Vulnerable Software and Affected Versions: SAP BW/4HANA affected versions not specified Description: The issue is related to improper authorization checks in the Transformation and Data Transfer Process DTP of SAP BW/4HANA, allowing an authenticated attacker to gain higher access leve...

5.5CVSS7.3AI score0.00276EPSS
Exploits0References9
Openbugbounty
Openbugbounty
added 2023/12/28 5:54 p.m.5 views

bw-qualite.fr Improper Access Control vulnerability OBB-3824254

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
Openbugbounty
Openbugbounty
added 2023/12/18 5:46 p.m.10 views

bw-schmiedehausen.de Improper Access Control vulnerability OBB-3818047

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score
Exploits0
CNNVD
CNNVD
added 2023/09/28 12:0 a.m.6 views

gnark-crypto Code Issue Vulnerability

gnark-crypto is an open source library from Consensys. Provides elliptic curve and pairing-based cryptography on BN, BLS12, BLS24 and BW6 curves. A code issue vulnerability exists in Consensys gnark-crypto 0.11.2 and earlier versions, which stems from the presence of a deserialization vulnerabili...

9.8CVSS7.1AI score0.00844EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2023/08/31 12:0 a.m.8 views

The vulnerability of the SAP BW BI Consumer Service (BICS) service in the SAP Data Management and Analytics systems, such as SAP Business Warehouse and SAP BW/4HANA, allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the SAP BW BI Consumer Service BICS module, which is part of the SAP Business Warehouse and SAP BW/4HANA data management and analytics systems, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to gain...

6.8CVSS6.6AI score0.00444EPSS
Exploits0References2
NVD
NVD
added 2023/07/11 3:15 a.m.21 views

CVE-2023-33992

The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAPBW 730, SAPBW 731, SAPBW 740, SAPBW 730, SAPBW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs...

6.5CVSS5.1AI score0.00444EPSS
Exploits0References2
Prion
Prion
added 2023/07/11 3:15 a.m.20 views

Code injection

The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAPBW 730, SAPBW 731, SAPBW 740, SAPBW 730, SAPBW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs...

4CVSS6.4AI score0.00444EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2023/07/11 2:34 a.m.53 views

CVE-2023-33992 Missing Authorization Check in SAP Business Warehouse and SAP BW/4HANA

The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAPBW 730, SAPBW 731, SAPBW 740, SAPBW 730, SAPBW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs...

4.5CVSS6.8AI score0.00444EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/07/11 2:34 a.m.30 views

CVE-2023-33992 Missing Authorization Check in SAP Business Warehouse and SAP BW/4HANA

The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAPBW 730, SAPBW 731, SAPBW 740, SAPBW 730, SAPBW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs...

4.5CVSS6.6AI score0.00444EPSS
Exploits0References2
CVE
CVE
added 2023/07/11 2:34 a.m.59 views

CVE-2023-33992

CVE-2023-33992 concerns the SAP BW BICS layer in SAP Business Warehouse and SAP BW/4HANA (SAP_BW 730–731, 740, 750; DW4CORE 100–300) where unauthorized cell values can be exposed in data responses. The asset’s data exposure arises from a missing authorization check at the data level; exploitation...

6.5CVSS5.1AI score0.00444EPSS
Exploits0References2Affected Software2
Openbugbounty
Openbugbounty
added 2023/06/06 11:54 p.m.10 views

ua-bw.de Cross Site Scripting vulnerability OBB-3400354

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

6.1AI score
Exploits0
Rows per page
Query Builder