64 matches found
CVE-2025-26385
Johnson Controls Metasys component listed below have Improper Neutralization of Special Elements used in a Command Command Injection Vulnerability . Successful exploitation of this vulnerability could allow remote SQL execution This issue affects Metasys: Application and Data Server ADS installed...
PT-2026-5389
Name of the Vulnerable Software and Affected Versions Johnson Controls Metasys versions 12.0 through 14.1 Johnson Controls Metasys Application and Data Server ADS versions 14.1 and prior Johnson Controls Metasys Extended Application and Data Server ADX version 14.1 Johnson Controls Metasys System...
EUVD-2019-1079
Malware in sbrugna...
SAP HANA Extended Application Services Input Validation Error Vulnerability (CNVD-2020-09649)
SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions to support users to query real-time business data query and analysis.Extended Application Services is an application server, Web server and SAP HANA System within the Web...
SAP HANA Extended Application Services Input Validation Error Vulnerability
SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions to support users to query real-time business data query and analysis.Extended Application Services is an application server, Web server and SAP HANA System within the Web...
CVE-2019-0364
Attackers may misuse an HTTP/REST endpoint of SAP HANA Extended Application Services Advanced model, before version 1.0.118, to enumerate open ports...
CVE-2019-0363
Attackers may misuse an HTTP/REST endpoint of SAP HANA Extended Application Services Advanced model, before version 1.0.118, to overload the server or retrieve information about internal network ports...
CVE-2019-0363
Attackers may misuse an HTTP/REST endpoint of SAP HANA Extended Application Services Advanced model, before version 1.0.118, to overload the server or retrieve information about internal network ports...
CVE-2019-0363
CVE-2019-0363 affects SAP HANA Extended Application Services (Advanced model). An HTTP/REST endpoint may be misused before version 1.0.118 to overload the SAP HANA server or to reveal information about internal network ports. This describes a network-based issue in the HTTP/REST interface with a ...
SAP HANA Extended Application Services External Entity Injection Vulnerability
SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions to support users to query real-time business data query and analysis.Extended Application Services is an application server, Web server and SAP HANA System within the Web...
SAP HANA Extended Application Services Information Disclosure Vulnerability (CNVD-2019-34744)
SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions to support users to query real-time business data query and analysis.Extended Application Services is an application server, Web server and SAP HANA System within the Web...
Design/Logic Flaw
SAP HANA Extended Application Services advanced model, version 1, allows authenticated low privileged XS Advanced Platform users such as SpaceAuditors to execute requests to obtain a complete list of SAP HANA user IDs and names...
CVE-2019-0306
SAP HANA Extended Application Services advanced model, version 1, allows authenticated low privileged XS Advanced Platform users such as SpaceAuditors to execute requests to obtain a complete list of SAP HANA user IDs and names...
CVE-2019-0277
SAP HANA extended application services, version 1, advanced does not sufficiently validate an XML document accepted from an authenticated developer with privileges to the SAP space XML External Entity vulnerability...
CVE-2019-0266
Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model XS advanced writes credentials of platform users to a trace file of the SAP HANA system. Even though this trace file is protected from unauthorized access, the risk of leaking information is increased...
SAP HANA Extended Application Service Information Disclosure Vulnerability
SAP HANA is a high-performance real-time data analytics platform from SAP. The platform provides data query functions to support users to query real-time business data query and analysis.Extended Application Services is an application server, Web server and SAP HANA System within the Web...
CVE-2018-2465
SAP HANA versions 1.0 and 2.0 Extended Application Services classic model OData parser does not sufficiently validate XML. By exploiting, an unauthorized hacker can cause the database server to crash...
CVE-2018-2465
SAP HANA versions 1.0 and 2.0 Extended Application Services classic model OData parser does not sufficiently validate XML. By exploiting, an unauthorized hacker can cause the database server to crash...
SAP HANA Extended Application Services Information Disclosure Vulnerability (CNVD-2019-09633)
SAP HANA is a high-performance real-time data analytics platform from SAP, which provides data query functions that allow users to directly query and analyze a large amount of real-time business data.Extended Application Services XS is a development environment for application servers, Web server...
CVE-2018-2451
XS Command-Line Interface CLI user sessions with the SAP HANA Extended Application Services XS, version 1, advanced server may have an unintentional prolonged period of validity. Consequently, a platform user could access controller resources via active CLI session even after corresponding...