CVE-2026-27676

Due to missing authorization checks in the SAP S/4HANA OData Service Manage Technical Object Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability results in a low impact on integrity, while confidentiality and...

CVE-2026-27679

CVE-2026-27679 affects the SAP S/4HANA frontend OData Service (Manage Reference Structures). Missing authorization checks allow an attacker to update and delete child entities via exposed OData services, impacting integrity (I: High) with no confidentiality or availability impact stated. CVSS v3....

CVE-2026-27679

Due to missing authorization checks in the SAP S/4HANA frontend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...

EUVD-2026-22150

Due to missing authorization checks in the SAP S/4HANA backend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...

CVE-2026-27678 Missing Authorization check in SAP S/4HANA Backend OData Service (Manage Reference Structures)

Due to missing authorization checks in the SAP S/4HANA backend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...

PT-2026-32557

Due to missing authorization checks in the SAP S/4HANA OData Service Manage Reference Equipment, an attacker could update and delete child entities via OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and availability are not...

PT-2026-32558

Due to missing authorization checks in the SAP S/4HANA backend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...

SAP Just In Time 安全漏洞

SAP Just In Time is an application from SAP Germany designed to enable efficient demand-driven production and logistics throughout the supply chain. An elevation of privilege vulnerability exists in SAP Just In Time, which stems from the OData service not performing the necessary privilege checks...

PT-2025-6125 · Sap · Sap Fiori +1

Name of the Vulnerable Software and Affected Versions: SAP ERP affected versions not specified Description: The issue concerns the SAP OData endpoint in SAP Fiori for SAP ERP, where cached values could be poisoned by modifying the Host header value in an HTTP GET request. An attacker could alter...

CVE-2024-45282

Fields which are in 'read only' state in Bank Statement Draft in Manage Bank Statements application, could be modified by MERGE method. The property of an OData entity representing assumably immutable method is not protected against external modifications leading to integrity violations...

F5 BIG-IP SQL注入漏洞

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing and other functions. An OData injection vulnerability exists in F5 BIG-IP Next Central Manager, which can be exploited to send crafted SQL statemen...

Apache Olingo OData 4.0 - XML External Entity Injection Exploit

Exploit for java platform in category web applications Product: Apache Olingo OData 4.0 Vendor: Apache Foundation CSNC ID: CSNC-2009-025 CVE ID: CVE-2019-17554 Subject: XML External Entity Resolution XXE Risk: High Effect: Remotely exploitable Author: Archibald Haddock email protected Date:...

Apache Olingo Code Issue Vulnerability

Apache Olingo is a U.S. Apache Apache Software Foundation for the implementation of Open Data Protocol OData, Open Data Protocol Java library. A code issue vulnerability exists in Apache Olingo. An attacker could exploit this vulnerability to execute code or cause other harm...

Microsoft OData Denial of Service Vulnerability

Open Data Protocol Open Data Protocol, OData is a Web protocol for querying and updating data that provides a way to expose data that exists in an application, a standard initiated by Microsoft. A remote denial of service vulnerability exists in Microsoft OData. An attacker could exploit this...

CVE-2018-2465

SAP HANA versions 1.0 and 2.0 Extended Application Services classic model OData parser does not sufficiently validate XML. By exploiting, an unauthorized hacker can cause the database server to crash...

Microsoft Windows multiple security vulnerabilities

Print spooler service code execution, XML library integer overflow and memory corruption, multiple .Net vulnerabilities, Win32K privilege escalation SSL/TLS library protection bypass, Open Data Protocol DoS...

Denial of service

The WCF Replace function in the Open Data aka OData protocol implementation in Microsoft .NET Framework 3.5, 3.5 SP1, 3.5.1, and 4, and the Management OData IIS Extension on Windows Server 2012, allows remote attackers to cause a denial of service resource consumption and daemon restart via craft...

Microsoft .NET Framework Open Data Protocol DOS Vulnerability (2769327)

This host is missing an important security update according to Microsoft Bulletin MS13-004. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft .NET Framework Open Data Protocol DOS Vulnerability (2769327)

This host is missing an important security update according to Microsoft Bulletin MS13-004. OpenVAS Vulnerability Test $Id: secpodms13-007.nasl 5365 2017-02-20 13:46:09Z cfi $ Microsoft .NET Framework Open Data Protocol DOS Vulnerability 2769327 Authors: Antu Sanadi Copyright: Copyright c 2013...

MS13-007: Vulnerability in Open Data Protocol Could Allow Denial of Service (2769327)

The remote Windows host is running a version of the Microsoft .NET Framework that is affected by a denial of service vulnerability in the Open Data OData protocol. An unauthenticated attacker could exploit this vulnerability by sending a specially crafted HTTP request to the affected site. C...