116 matches found
CVE-2024-10160 PHPGurukul Boat Booking System BW Dates Report Page bwdates-report-details.php sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Boat Booking System 1.0. Affected by this issue is some unknown functionality of the file /admin/bwdates-report-details.php of the component BW Dates Report Page. The manipulation of the argument fdate/tdate leads to...
CVE-2024-10160 PHPGurukul Boat Booking System BW Dates Report Page bwdates-report-details.php sql injection
A vulnerability, which was classified as critical, has been found in PHPGurukul Boat Booking System 1.0. Affected by this issue is some unknown functionality of the file /admin/bwdates-report-details.php of the component BW Dates Report Page. The manipulation of the argument fdate/tdate leads to...
UBUNTU-CVE-2024-46811
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index may exceed array range within fpuupdatebwboundingbox Why Coverity reports OVERRUN warning. soc.numstates could be 40. But array range of bwparams-clktable.entries is 8. How Assert if soc.numstates great...
CVE-2024-43879
In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: handle 2x996 RU allocation in cfg80211calculatebitratehe Currently NL80211RATEINFOHERUALLOC2x996 is not handled in cfg80211calculatebitratehe, leading to below warning: kernel: invalid HE MCS: bw:6, ru:6 kernel:...
CVE-2024-37176
SAP BW/4HANA Transformation and Data Transfer Process DTP allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks. This results in escalation of privileges. It has no impact on the confidentiality of data but may have low...
CVE-2024-37176
CVE-2024-37176 concerns SAP BW/4HANA Transformation and Data Transfer Process (DTP). The connected sources describe an authentication-required path where improper authorization checks allow an attacker to elevate privileges within the SAP BW/4HANA DTP, with no impact to data confidentiality and l...
CVE-2024-37176 Missing Authorization check in SAP BW/4HANA Transformation and DTP
SAP BW/4HANA Transformation and Data Transfer Process DTP allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks. This results in escalation of privileges. It has no impact on the confidentiality of data but may have low...
CVE-2024-37176 Missing Authorization check in SAP BW/4HANA Transformation and DTP
SAP BW/4HANA Transformation and Data Transfer Process DTP allows an authenticated attacker to gain higher access levels than they should have by exploiting improper authorization checks. This results in escalation of privileges. It has no impact on the confidentiality of data but may have low...
SAP BW/4HANA Security Vulnerabilities
SAP BW/4HANA is a packaged data warehouse based on SAP HANA from SAP, Germany. A security vulnerability exists in SAP BW/4HANA that stems from allowing authenticated attackers to gain a higher level of access than they deserve by exploiting improper authorization checks, which can lead to privile...
PT-2024-4584 · Sap · Sap Bw/4Hana
Name of the Vulnerable Software and Affected Versions: SAP BW/4HANA affected versions not specified Description: The issue is related to improper authorization checks in the Transformation and Data Transfer Process DTP of SAP BW/4HANA, allowing an authenticated attacker to gain higher access leve...
bw-qualite.fr Improper Access Control vulnerability OBB-3824254
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
bw-schmiedehausen.de Improper Access Control vulnerability OBB-3818047
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
gnark-crypto Code Issue Vulnerability
gnark-crypto is an open source library from Consensys. Provides elliptic curve and pairing-based cryptography on BN, BLS12, BLS24 and BW6 curves. A code issue vulnerability exists in Consensys gnark-crypto 0.11.2 and earlier versions, which stems from the presence of a deserialization vulnerabili...
The vulnerability of the SAP BW BI Consumer Service (BICS) service in the SAP Data Management and Analytics systems, such as SAP Business Warehouse and SAP BW/4HANA, allows a perpetrator to gain unauthorized access to protected information.
The vulnerability of the SAP BW BI Consumer Service BICS module, which is part of the SAP Business Warehouse and SAP BW/4HANA data management and analytics systems, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to gain...
CVE-2023-33992
The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAPBW 730, SAPBW 731, SAPBW 740, SAPBW 730, SAPBW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs...
Code injection
The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAPBW 730, SAPBW 731, SAPBW 740, SAPBW 730, SAPBW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs...
CVE-2023-33992 Missing Authorization Check in SAP Business Warehouse and SAP BW/4HANA
The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAPBW 730, SAPBW 731, SAPBW 740, SAPBW 730, SAPBW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs...
CVE-2023-33992 Missing Authorization Check in SAP Business Warehouse and SAP BW/4HANA
The SAP BW BICS communication layer in SAP Business Warehouse and SAP BW/4HANA - version SAPBW 730, SAPBW 731, SAPBW 740, SAPBW 730, SAPBW 750, DW4CORE 100, DW4CORE 200, DW4CORE 300, may expose unauthorized cell values to the data response. To be able to exploit this, the user still needs...
CVE-2023-33992
CVE-2023-33992 concerns the SAP BW BICS layer in SAP Business Warehouse and SAP BW/4HANA (SAP_BW 730–731, 740, 750; DW4CORE 100–300) where unauthorized cell values can be exposed in data responses. The asset’s data exposure arises from a missing authorization check at the data level; exploitation...
ua-bw.de Cross Site Scripting vulnerability OBB-3400354
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...