SAP NetWeaver AS Java Apache Log4j Vulnerability (3726899)

The version of SAP NetWeaver Application Server Java detected on the remote host is affected by a vulnerability in the Apache Log4j library as referenced in SAP Security Note 3726899: - The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname...

EUVD-2019-1048

Malware in sbrugna...

EUVD-2019-1091

Malware in sbrugna...

EUVD-2022-48771

Malicious code in bioql PyPI...

CVE-2022-45927

An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The Java application server can be used to bypass the authentication of the QDS endpoints of the Content Server. These endpoints can be used to create objects and execute arbitrary code...

CVE-2020-6313

SAP NetWeaver Application Server JAVAXML Forms versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an authenticated User with special roles to store malicious content, that when accessed by a victim, can perform malicious actions by executing...

CVE-2019-0327

SAP NetWeaver for Java Application Server - Web Container, engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5, servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5, allows an attacker to upload files including script files without proper file format validation...

The vulnerability of SAP NetWeaver Java Application Server web applications stems from deficiencies in the authentication process, allowing attackers to gain unauthorized access to protected information.

The vulnerability of SAP NetWeaver Java Application Server web applications is related to deficiencies in the authentication process. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

SAP NetWeaver AS 访问控制错误漏洞

SAP NetWeaver AS is a SAP network application server from SAP. It not only provides web services, but is also the basic platform for SAP software. An access control error vulnerability exists in SAP NetWeaver AS Java for Deploy Service version 7.5, which stems from not performing any access contr...

CVE-2023-26460

Cache Management Service in SAP NetWeaver Application Server for Java - version 7.50, does not perform any authentication checks for functionalities that require user identity...

CVE-2022-45927

An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The Java application server can be used to bypass the authentication of the QDS endpoints of the Content Server. These endpoints can be used to create objects and execute arbitrary code...

CVE-2022-45927

An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The Java application server can be used to bypass the authentication of the QDS endpoints of the Content Server. These endpoints can be used to create objects and execute arbitrary code...

CVE-2022-45927

An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The Java application server can be used to bypass the authentication of the QDS endpoints of the Content Server. These endpoints can be used to create objects and execute arbitrary code...

IBM WebSphere Application Server Liberty 安全漏洞

IBM WebSphere Application Server Liberty is a Java application server built on top of the Open Liberty project from International Business Machines IBM. IBM WebSphere Application Server Liberty has a denial-of-service vulnerability that stems from a flaw in the parser of text-formatted data, whic...

IBM Websphere AS Access Control Error Vulnerability

IBM WebSphere Application Server Liberty is a U.S. IBM company built on the Open Liberty project on top of the Java application server . A security vulnerability exists in IBM WebSphere Application Server Liberty that can be exploited by an attacker to bypass access restrictions to WebSphere AS...

The vulnerability of SAP NetWeaver Java Application Server web applications lies in incorrect path name restrictions for access to restricted catalogs, allowing attackers to gain unauthorized access to protected information.

The vulnerability of SAP NetWeaver Java Application Server web applications relates to incorrect restrictions on the path name to the restricted directory. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to protected information by sending a...

The vulnerability of the JMS Connector Service server in SAP NetWeaver Java Application Server allows attackers to circumvent existing security restrictions or execute arbitrary code.

The vulnerability of the JMS Connector Service server in SAP NetWeaver Java Application Server applications is related to deficiencies in the authentication mechanism. Exploiting this vulnerability allows a malicious actor to bypass existing security restrictions or execute arbitrary code by...

CVE-2021-37535

SAP NetWeaver Application Server Java JMS Connector Service - versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform necessary authorization checks for user privileges...

SAP NetWeaver AS 信息泄露漏洞

SAP NetWeaver AS is a SAP web application server from SAP, a German company. SAP NetWeaver AS JAVA has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information in HTTP requests...

SAP Netweaver 代码问题漏洞

SAP NetWeaver ABAP Server is an application server for ABAP Advanced Business Application Programming. A code issue vulnerability exists in SAP NetWeaver AS for JAVA, which can be exploited by remote attackers to submit a special request that can bypass security restrictions and allow unauthorize...