Lucene search
K

17 matches found

EUVD
EUVD
added 2026/06/09 12:20 a.m.15 views

EUVD-2026-35280

Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information .This has a low impact on the confidentiality of the data. There is no impact on integrity and availability of the application...

3.7CVSS5.5AI score0.00188EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/09 12:20 a.m.10 views

CVE-2026-44743

Under certain conditions, when an unauthorized attacker accesses a specific endpoint, SAP Business Objects application leaks sensitive information .This has a low impact on the confidentiality of the data. There is no impact on integrity and availability of the application...

3.7CVSS5.5AI score0.00188EPSS
Exploits0References3Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/05 7:26 p.m.10 views

CVE-2026-40136

SAP Financial Consolidation allows an authenticated attacker to disconnect other users by terminating their sessions temporarily preventing access. However, the application itself cannot be compromised resulting in a low impact on availability. There is no impact on confidentiality and integrity ...

4.3CVSS5.4AI score0.0029EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.24 views

PT-2026-39929

SAP Financial Consolidation allows an authenticated attacker to disconnect other users by terminating their sessions temporarily preventing access. However, the application itself cannot be compromised resulting in a low impact on availability. There is no impact on confidentiality and integrity ...

4.3CVSS5.8AI score0.0029EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/10 6:31 p.m.6 views

EUVD-2026-10449

SAP Solution Tools Plug-In ST-PI contains a function module that does not perform the necessary authorization checks for authenticated users, allowing system information to be disclosed. This vulnerability has a low impact on confidentiality and does not affect integrity or availability...

5CVSS5.8AI score0.00209EPSS
Exploits0References3
NVD
NVD
added 2026/02/10 4:16 a.m.11 views

CVE-2026-24321

SAP Commerce Cloud exposes multiple API endpoints to unauthenticated users, allowing them to submit requests to these open endpoints to retrieve sensitive information that is not intended to be publicly accessible via the front-end. This vulnerability has a low impact on confidentiality and does...

5.3CVSS0.00214EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/14 1:22 a.m.6 views

CVE-2026-0510

The User Management Engine UME in NetWeaver Application Server for Java NW AS Java utilizes an obsolete cryptographic algorithm for encrypting User Mapping data. This weakness could allow an attacker with high-privileged access to exploit the vulnerability under specific conditions potentially...

3CVSS6.4AI score0.00122EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/17 2:25 a.m.4 views

EUVD-2025-34847

An Execution with Unnecessary Privileges vulnerability has been identified in Moxa’s network security appliances and routers. A flaw in the API authorization logic of the affected device allows an authenticated, low-privileged user to execute the administrative ping function, which is restricted ...

9.9CVSS6.3AI score0.00658EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/15 4:43 p.m.5 views

CVE-2025-42906

SAP Commerce Cloud contains a path traversal vulnerability that may allow users to access web applications such as the Administration Console from addresses where the Administration Console is not explicitly deployed. This could potentially bypass configured access restrictions, resulting in a lo...

5.3CVSS6.6AI score0.00391EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-41374

Malicious code in bioql PyPI...

5.3CVSS5.7AI score0.00414EPSS
Exploits0References2
OSV
OSV
added 2024/12/10 1:15 a.m.6 views

CVE-2024-32732

Under certain conditions SAP BusinessObjects Business Intelligence platform allows an attacker to access information which would otherwise be restricted.This has low impact on Confidentiality with no impact on Integrity and Availability of the application...

5.3CVSS5.8AI score0.00309EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/07/09 12:0 a.m.4 views

SAP S/4HANA Security Vulnerabilities

SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP, Germany. A security vulnerability exists in SAP S/4HANA that stems from a failure to perform the required authorization checks for authenticated users, resulting in an escalation of...

5.4CVSS6.8AI score0.00296EPSS
Exploits0References3
OSV
OSV
added 2024/03/12 1:15 a.m.3 views

CVE-2024-25645

Under certain condition SAP NetWeaver Enterprise Portal - version 7.50 allows an attacker to access information which would otherwise be restricted causing low impact on confidentiality of the application and with no impact on Integrity and Availability of the application...

5.3CVSS5.8AI score0.0041EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/11 12:0 a.m.7 views

PT-2024-21063 · Sap · Sap Netweaver

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Enterprise Portal version 7.50 Description: The issue allows an attacker to access information that would otherwise be restricted, causing low impact on the confidentiality of the application, with no impact on the integrity and...

5.3CVSS6.8AI score0.0041EPSS
Exploits0References5
OSV
OSV
added 2023/12/12 2:15 a.m.7 views

CVE-2023-49578

SAP Cloud Connector - version 2.0, allows an authenticated user with low privilege to perform Denial of service attack from adjacent UI by sending a malicious request which leads to low impact on the availability and no impact on confidentiality or Integrity of the application...

3.5CVSS5.7AI score0.0027EPSS
Exploits0References2
OSV
OSV
added 2023/11/14 1:15 a.m.4 views

CVE-2023-41366

Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KERNEL 7.94, KERNEL64UC 7.22, KERNEL64UC 7.22EXT, KERNEL64UC 7.53, KERNEL64NUC 7.22, KERNEL64NUC 7.22EXT,...

5.3CVSS5.8AI score0.00586EPSS
Exploits0References2
NVD
NVD
added 2023/09/12 2:15 a.m.27 views

CVE-2023-37489

Due to the lack of validation, SAP BusinessObjects Business Intelligence Platform Version Management System - version 403, permits an unauthenticated user to read the code snippet through the UI, which leads to low impact on confidentiality and no impact on the application's availability or...

5.3CVSS5.4AI score0.00433EPSS
Exploits0References2
Rows per page
Query Builder