42 matches found
EUVD-2019-1048
Malware in sbrugna...
EUVD-2019-1091
Malware in sbrugna...
EUVD-2022-48771
Malicious code in bioql PyPI...
CVE-2022-45927
An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The Java application server can be used to bypass the authentication of the QDS endpoints of the Content Server. These endpoints can be used to create objects and execute arbitrary code...
CVE-2020-6313
SAP NetWeaver Application Server JAVAXML Forms versions 7.30, 7.31, 7.40, 7.50 does not sufficiently encode user controlled inputs, which allows an authenticated User with special roles to store malicious content, that when accessed by a victim, can perform malicious actions by executing...
CVE-2019-0327
SAP NetWeaver for Java Application Server - Web Container, engineapi, versions 7.1, 7.2, 7.3, 7.31, 7.4 and 7.5, servercode, versions 7.2, 7.3, 7.31, 7.4, 7.5, allows an attacker to upload files including script files without proper file format validation...
SAP NetWeaver AS 访问控制错误漏洞
SAP NetWeaver AS is a SAP network application server from SAP. It not only provides web services, but is also the basic platform for SAP software. An access control error vulnerability exists in SAP NetWeaver AS Java for Deploy Service version 7.5, which stems from not performing any access contr...
CVE-2023-26460
Cache Management Service in SAP NetWeaver Application Server for Java - version 7.50, does not perform any authentication checks for functionalities that require user identity...
CVE-2022-45927
An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The Java application server can be used to bypass the authentication of the QDS endpoints of the Content Server. These endpoints can be used to create objects and execute arbitrary code...
CVE-2022-45927
An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The Java application server can be used to bypass the authentication of the QDS endpoints of the Content Server. These endpoints can be used to create objects and execute arbitrary code...
CVE-2022-45927
An issue was discovered in OpenText Content Suite Platform 22.1 16.2.19.1803. The Java application server can be used to bypass the authentication of the QDS endpoints of the Content Server. These endpoints can be used to create objects and execute arbitrary code...
IBM WebSphere Application Server Liberty 安全漏洞
IBM WebSphere Application Server Liberty is a Java application server built on top of the Open Liberty project from International Business Machines IBM. IBM WebSphere Application Server Liberty has a denial-of-service vulnerability that stems from a flaw in the parser of text-formatted data, whic...
IBM Websphere AS Access Control Error Vulnerability
IBM WebSphere Application Server Liberty is a U.S. IBM company built on the Open Liberty project on top of the Java application server . A security vulnerability exists in IBM WebSphere Application Server Liberty that can be exploited by an attacker to bypass access restrictions to WebSphere AS...
CVE-2021-37535
SAP NetWeaver Application Server Java JMS Connector Service - versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not perform necessary authorization checks for user privileges...
SAP NetWeaver AS 信息泄露漏洞
SAP NetWeaver AS is a SAP web application server from SAP, a German company. SAP NetWeaver AS JAVA has an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information in HTTP requests...
SAP Netweaver 代码问题漏洞
SAP NetWeaver ABAP Server is an application server for ABAP Advanced Business Application Programming. A code issue vulnerability exists in SAP NetWeaver AS for JAVA, which can be exploited by remote attackers to submit a special request that can bypass security restrictions and allow unauthorize...
SAP NetWeaver Application Server for Java Information Disclosure Vulnerability
SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. An information disclosure vulnerability exists in SAP NetWeaver Application Server for Java versions 7.30, 7.31,...
CVE-2020-26829
SAP NetWeaver AS JAVA P2P Cluster Communication, versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes because of missing authentication check, that are outside the cluster and even outside the network segment dedicated for the internal cluster communication. ...
CVE-2020-26820
SAP NetWeaver AS JAVA, versions - 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker who is authenticated as an administrator to use the administrator console, to expose unauthenticated access to the file system and upload a malicious file. The attacker or another user can then use a separate...
Debian: Security Advisory (DLA-2407-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...