Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 8:57 a.m.6 views

CVE-2024-47579

An attacker authenticated as an administrator can use an exposed webservice to upload or download a custom PDF font file on the system server. Using the upload functionality to copy an internal file into a font file and subsequently using the download functionality to retrieve that file allows th...

6.8CVSS6.6AI score0.00544EPSS
Exploits0References1
NVD
NVD
added 2024/12/10 1:15 a.m.17 views

CVE-2024-47579

An attacker authenticated as an administrator can use an exposed webservice to upload or download a custom PDF font file on the system server. Using the upload functionality to copy an internal file into a font file and subsequently using the download functionality to retrieve that file allows th...

6.8CVSS0.00544EPSS
Exploits0References2
CVE
CVE
added 2024/12/10 12:12 a.m.86 views

CVE-2024-47580

CVE-2024-47580 affects SAP NetWeaver AS Java (Adobe Document Service). An attacker authenticated as an administrator can use an exposed webservice to create a PDF with an embedded attachment; by forcing the file to be an internal server file and downloading the PDF, they can read arbitrary server...

6.8CVSS6.5AI score0.00524EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/12/10 12:0 a.m.6 views

PT-2024-9338 · Sap · Sap Netweaver As Java

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS for Java affected versions not specified Description: The issue allows an attacker, authenticated as an administrator, to use an exposed webservice to upload or download a custom PDF font file on the system server. By...

6.8CVSS6.4AI score0.00544EPSS
Exploits0References9
Rows per page
Query Builder