16 matches found
EUVD-2025-27208
Malicious code in bioql PyPI...
CVE-2025-42923
Due to insufficient CSRF protection in SAP Fiori App Manage Work Center Groups, an authenticated user could be tricked by an attacker to send unintended request to the web server. This has low impact on integrity and no impact on confidentiality and availability of the application...
CVE-2025-42914
Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to escalate privileges and perform activities that are otherwise restricted, resulting in a low impact on the integrity of the application. Confidentiali...
CVE-2025-42912
SAP HCM My Timesheet Fiori 2.0 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This issue has a significant impact on the application's integrity, while confidentiality and availability remain unaffected...
CVE-2025-42913
Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to escalate privileges and perform activities that are otherwise restricted, resulting in a low impact on the integrity of the application. Confidentiali...
CVE-2025-42917
SAP HCM Approve Timesheets Fiori 2.0 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This issue has a significant impact on the application's integrity, while confidentiality and availability remain unaffected...
CVE-2025-42912
SAP HCM My Timesheet Fiori 2.0 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This issue has a significant impact on the application's integrity, while confidentiality and availability remain unaffected...
CVE-2025-42917 Missing Authorization check in SAP HCM (Approve Timesheets Fiori 2.0 application)
SAP HCM Approve Timesheets Fiori 2.0 application does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This issue has a significant impact on the application's integrity, while confidentiality and availability remain unaffected...
CVE-2025-42917
CVE-2025-42917 affects SAP HCM Approve Timesheets Fiori 2.0 application. The root cause is missing authorization checks for an authenticated user, enabling privilege escalation that compromises integrity while confidentiality and availability remain unaffected. The public sources describe the vul...
CVE-2025-42914 Missing Authorization check in SAP HCM (My Timesheet Fiori 2.0 application)
Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to escalate privileges and perform activities that are otherwise restricted, resulting in a low impact on the integrity of the application. Confidentiali...
CVE-2025-42914
CVE-2025-42914 affects the SAP HCM My Timesheet Fiori 2.0 application. The root cause is missing authorization checks, enabling an authenticated attacker with in-depth system knowledge to escalate privileges and perform restricted activities. Impact is described as low for integrity; confidential...
CVE-2025-42913 Missing Authorization check in SAP HCM (My Timesheet Fiori 2.0 application)
Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to escalate privileges and perform activities that are otherwise restricted, resulting in a low impact on the integrity of the application. Confidentiali...
CVE-2025-42913 Missing Authorization check in SAP HCM (My Timesheet Fiori 2.0 application)
Due to missing authorization checks, SAP HCM My Timesheet Fiori 2.0 application allows an authenticated attacker with in-depth system knowledge to escalate privileges and perform activities that are otherwise restricted, resulting in a low impact on the integrity of the application. Confidentiali...
PT-2025-36546
Name of the Vulnerable Software and Affected Versions: SAP HCM My Timesheet Fiori 2.0 application affected versions not specified Description: The SAP HCM My Timesheet Fiori 2.0 application is susceptible to a privilege escalation issue stemming from missing authorization checks. An authenticated...
CVE-2023-49584
SAP Fiori launchpad - versions SAPUI 750, SAPUI 754, SAPUI 755, SAPUI 756, SAPUI 757, SAPUI 758, UI700 200, SAPBASIS 793, allows an attacker to use HTTP verb POST on read-only service causing low impact on Confidentiality of the application...
Unspecified Vulnerability in SAP S/4 HANA Fiori UI for General Ledger Accounting
SAP HANA is a set of high-performance real-time data analytics platform from Germany's SAP SAP. The platform provides data query functions to support users to query real-time business data query and analysis. A security vulnerability exists in SAP S/4 HANA Fiori UI for General Ledger Accounting...