50 matches found
CVE-2025-42899
SAP S4CORE Manage journal entries does not perform necessary authorization checks for an authenticated user resulting in escalation of privileges. This has low impact on confidentiality of the application with no impact on integrity and availability of the application...
CVE-2025-42899
SAP S4CORE Manage journal entries does not perform necessary authorization checks for an authenticated user resulting in escalation of privileges. This has low impact on confidentiality of the application with no impact on integrity and availability of the application...
PT-2025-46237
Name of the Vulnerable Software and Affected Versions SAP S4CORE affected versions not specified Description The software does not perform required authorization checks for authenticated users when managing journal entries, potentially allowing for privilege escalation. The issue has a low impact...
EUVD-2018-14274
Malware in sbrugna...
EUVD-2019-1156
Malware in sbrugna...
EUVD-2018-14339
Malware in sbrugna...
EUVD-2025-10092
Malicious code in bioql PyPI...
EUVD-2023-45181
Malicious code in bioql PyPI...
EUVD-2025-14347
Malicious code in bioql PyPI...
SAP S4CORE Information Disclosure Vulnerability
SAP S4CORE is an application for managing procurement contracts from SAP. SAP S4CORE suffers from an information disclosure vulnerability that stems from a lack of authorization checks, which can be exploited by an attacker to cause information disclosure...
CVE-2019-0383
Transaction Management in SAP Treasury and Risk Management corrected in S4CORE versions 1.01, 1.02, 1.03, 1.04 and EA-FINSERV versions 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privilege...
CVE-2019-0393
An SQL Injection vulnerability in SAP Quality Management corrected in S4CORE versions 1.0, 1.01, 1.02, 1.03 allows an attacker to carry out targeted database queries that can read individual fields of historical inspection results...
CVE-2025-43002
SAP S4CORE OData meta-data property allows an authenticated attacker to access restricted information due to missing authorization check. This could cause a low impact on confidentiality but integrity and availability of the application are not impacted...
CVE-2025-43002
SAP S4CORE OData meta-data property allows an authenticated attacker to access restricted information due to missing authorization check. This could cause a low impact on confidentiality but integrity and availability of the application are not impacted...
PT-2025-20814 · Sap · Sap S4Core
Name of the Vulnerable Software and Affected Versions: SAP S4CORE affected versions not specified Description: The issue allows an authenticated attacker to access restricted information due to a missing authorization check in the OData meta-data property. This could cause a low impact on...
The vulnerability of the OData protocol implementation in SAP S4CORE Entity software allows unauthorized access to protected information.
The vulnerability of the OData protocol implementation in SAP S4CORE Entity software is related to deficiencies in displaying hidden user fields. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
CVE-2025-31333
SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...
CVE-2025-31333
SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...
CVE-2025-31333
The CVE-2025-31333 issue affects SAP S4CORE : an OData meta-data property vulnerability that could allow data tampering to externally modify an entity set, with low integrity impact and no impact to confidentiality or availability. Advisories note SAP has released patches to fix this and other SA...
CVE-2025-31333 Odata meta-data tampering in SAP S4CORE entity
SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...