190 matches found
SAP Internet Graphics Server (IGS) - XML External Entity Injection
SAP Internet Graphics Servers IGS running versions 7.20, 7.20EXT, 7.45, 7.49, or 7.53 has two XML external entity injection XXE vulnerabilities within the XMLCHART page - CVE-2018-2392 and CVE-2018-2393. These vulnerabilities occur due to a lack of appropriate validation on the Extension HTML tag...
CVE-2021-27625
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method IgsData::freeMemory which will trigge...
CVE-2021-27627
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method ChartInterpreter::DoIt which will...
CVE-2021-27620
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method Ups::AddPart which will trigger an...
CVE-2021-27623
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CXmlUtility::CheckLength which will...
CVE-2021-27624
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CiXMLIStreamRawBuffer::readRaw which...
CVE-2021-27626
SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method CMiniXMLParser::Parse which will...
EUVD-2018-14245
Malware in sbrugna...
EUVD-2021-14367
Malware in sbrugna...
EUVD-2018-14242
Malware in sbrugna...
EUVD-2018-14241
Malware in sbrugna...
EUVD-2006-6329
Malware in sbrugna...
EUVD-2021-14371
Malware in sbrugna...
EUVD-2021-14374
Malware in sbrugna...
EUVD-2018-14294
Malware in sbrugna...
EUVD-2006-4124
Malware in sbrugna...
EUVD-2018-14243
Malware in sbrugna...
EUVD-2018-14251
Malware in sbrugna...
EUVD-2021-14370
Malware in sbrugna...
EUVD-2021-14369
Malware in sbrugna...