CVE-2025-42899

SAP S4CORE Manage journal entries does not perform necessary authorization checks for an authenticated user resulting in escalation of privileges. This has low impact on confidentiality of the application with no impact on integrity and availability of the application...

CVE-2025-42899

SAP S4CORE Manage journal entries does not perform necessary authorization checks for an authenticated user resulting in escalation of privileges. This has low impact on confidentiality of the application with no impact on integrity and availability of the application...

PT-2025-46237

Name of the Vulnerable Software and Affected Versions SAP S4CORE affected versions not specified Description The software does not perform required authorization checks for authenticated users when managing journal entries, potentially allowing for privilege escalation. The issue has a low impact...

EUVD-2018-14274

Malware in sbrugna...

EUVD-2019-1156

Malware in sbrugna...

EUVD-2018-14339

Malware in sbrugna...

EUVD-2023-45181

Malicious code in bioql PyPI...

EUVD-2025-14347

Malicious code in bioql PyPI...

EUVD-2025-10092

Malicious code in bioql PyPI...

SAP S4CORE Information Disclosure Vulnerability

SAP S4CORE is an application for managing procurement contracts from SAP. SAP S4CORE suffers from an information disclosure vulnerability that stems from a lack of authorization checks, which can be exploited by an attacker to cause information disclosure...

CVE-2019-0383

Transaction Management in SAP Treasury and Risk Management corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privilege...

CVE-2019-0393

An SQL Injection vulnerability in SAP Quality Management corrected in S4CORE versions 1.0, 1.01, 1.02, 1.03 allows an attacker to carry out targeted database queries that can read individual fields of historical inspection results...

CVE-2025-43002

SAP S4CORE OData meta-data property allows an authenticated attacker to access restricted information due to missing authorization check. This could cause a low impact on confidentiality but integrity and availability of the application are not impacted...

CVE-2025-43002

SAP S4CORE OData meta-data property allows an authenticated attacker to access restricted information due to missing authorization check. This could cause a low impact on confidentiality but integrity and availability of the application are not impacted...

PT-2025-20814 · Sap · Sap S4Core

Name of the Vulnerable Software and Affected Versions: SAP S4CORE affected versions not specified Description: The issue allows an authenticated attacker to access restricted information due to a missing authorization check in the OData meta-data property. This could cause a low impact on...

CVE-2025-31333

SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...

CVE-2025-31333

SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...

CVE-2025-31333

The CVE-2025-31333 issue affects SAP S4CORE : an OData meta-data property vulnerability that could allow data tampering to externally modify an entity set, with low integrity impact and no impact to confidentiality or availability. Advisories note SAP has released patches to fix this and other SA...

CVE-2025-31333 Odata meta-data tampering in SAP S4CORE entity

SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...

CVE-2025-31333 Odata meta-data tampering in SAP S4CORE entity

SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...