45 matches found
Astra Linux - уязвимость в chromium
In the UI framework of Google Chrome, using “after free” before version 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption through a crafted HTML page...
CVE-2023-29109
The SAP Application Interface Framework Message Dashboard - versions AIF 703, AIFX 702, S4CORE 101, SAPBASIS 755, 756, SAPABA 75C, 75D, 75E, application allows an Excel formula injection. An authorized attacker can inject arbitrary Excel formulas into fields like the Tooltip of the Custom Hints...
EUVD-2012-4985
Malware in sbrugna...
EUVD-2014-6452
Malware in sbrugna...
EUVD-2013-3724
Malware in sbrugna...
EUVD-2023-32712
Malicious code in bioql PyPI...
EUVD-2024-19352
Malicious code in bioql PyPI...
PT-2025-5815 · Unknown · Ui Framework
Name of the Vulnerable Software and Affected Versions: UI Framework affected versions not specified Description: The issue concerns a vulnerability of improper log information control in the UI framework module. Successful exploitation of this vulnerability may affect service confidentiality...
CVE-2024-21737
In SAP Application Interface Framework File Adapter - version 702, a high privilege user can use a function module to traverse through various layers and execute OS commands directly. By this, such user can control the behaviour of the application. This leads to considerable impact on...
CVE-2024-21737 Code Injection vulnerability in SAP Application Interface Framework (File Adapter)
In SAP Application Interface Framework File Adapter - version 702, a high privilege user can use a function module to traverse through various layers and execute OS commands directly. By this, such user can control the behaviour of the application. This leads to considerable impact on...
CVE-2024-21737 Code Injection vulnerability in SAP Application Interface Framework (File Adapter)
In SAP Application Interface Framework File Adapter - version 702, a high privilege user can use a function module to traverse through various layers and execute OS commands directly. By this, such user can control the behaviour of the application. This leads to considerable impact on...
SAP Application Interface Framework Code Injection Vulnerability
SAP Application Interface Framework SAP AIF is an application interface framework from SAP. A code injection vulnerability exists in the SAP Application Interface Framework File Adapter, which can be exploited to allow an elevated privilege user to traverse layers and directly execute operating...
ToUI 安全漏洞
ToUI is a Python package for creating user interfaces websites and desktop applications from HTML. A security vulnerability exists in ToUI versions 2.0.1 through 2.4.0 that stems from the use of the website.uservars attribute...
SAP Application Interface Framework Cross-Site Scripting Vulnerability
SAP Application Interface Framework SAP AIF is a German SAP SAP company's application program interface framework. A security vulnerability exists in the SAP Application Interface Framework that stems from the application allowing the use of HTML markup, which can be exploited by an attacker to...
CVE-2023-29109
The SAP Application Interface Framework Message Dashboard - versions AIF 703, AIFX 702, S4CORE 101, SAPBASIS 755, 756, SAPABA 75C, 75D, 75E, application allows an Excel formula injection. An authorized attacker can inject arbitrary Excel formulas into fields like the Tooltip of the Custom Hints...
Design/Logic Flaw
The SAP Application Interface Framework Message Dashboard - versions AIF 703, AIFX 702, S4CORE 101, SAPBASIS 755, 756, SAPABA 75C, 75D, 75E, application allows an Excel formula injection. An authorized attacker can inject arbitrary Excel formulas into fields like the Tooltip of the Custom Hints...
CVE-2023-29112 Code Injection vulnerability in SAP Application Interface Framework (Message Monitoring)
The SAP Application Interface Message Monitoring - versions 600, 700, allows an authorized attacker to input links or headings with custom CSS classes into a comment. The comment will render links and custom CSS classes as HTML objects. After successful exploitations, an attacker can cause limite...
CVE-2023-29111 Information Disclosure vulnerability in SAP Application Interface Framework (ODATA service)
The SAP AIF ODATA service - versions 755, 756, discloses more detailed information than is required. An authorized attacker can use the collected information possibly to exploit the component. As a result, an attacker can cause a low impact on the confidentiality of the application...
CVE-2023-29109 Code Injection vulnerability in SAP Application Interface Framework (Message Dashboard)
The SAP Application Interface Framework Message Dashboard - versions AIF 703, AIFX 702, S4CORE 101, SAPBASIS 755, 756, SAPABA 75C, 75D, 75E, application allows an Excel formula injection. An authorized attacker can inject arbitrary Excel formulas into fields like the Tooltip of the Custom Hints...
SAP Application Interface Framework 安全漏洞
SAP Application Interface Framework SAP AIF is an application interface framework from SAP. A security vulnerability exists in SAP Application Interface Framework Message Dashboard versions AIF 703, AIFX 702, S4CORE 101, SAPBASIS 755, 756, SAPABA 75C, 75D, 75E, and SAPABA 75C, 75D, 75E, and SAPAB...