20 matches found
CVE-2026-44750
SAP MDG Review Match Groups Application does not perform the necessary authorization checks for authenticated users. This could allow a low-privileged user to perform actions that would otherwise be restricted, resulting in escalation of privileges. This has a low impact on integrity, while...
CVE-2023-49058
SAP Master Data Governance File Upload application allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing ‘traverse to parent directory’ are passed through to the file APIs. As a result, it has a low impact to the confidentiality...
EUVD-2020-27399
Malware in sbrugna...
EUVD-2020-27406
Malware in sbrugna...
EUVD-2021-8749
Malicious code in bioql PyPI...
SAP MDM Server 安全漏洞
SAP MDM Server is an MDM server from SAP, Germany. A security vulnerability exists in SAP MDM Server that stems from a memory read access violation triggered by the ReadString function when processing specially crafted packets, which could lead to an unexpected termination of the server process...
PT-2025-24597 · Sap · Sap Master Data Management Server
Name of the Vulnerable Software and Affected Versions: SAP Master Data Management Server affected versions not specified Description: The issue allows an attacker to gain control of existing client sessions and execute certain functions without having to re-authenticate. This gives the ability to...
CVE-2024-24741
SAP Master Data Governance for Material Data - versions 618, 619, 620, 621, 622, 800, 801, 802, 803, 804, does not perform necessary authorization check for an authenticated user, resulting in escalation of privileges. This could allow an attacker to read some sensitive information but no impact ...
CVE-2021-21475
Under specific circumstances SAP Master Data Management, versions - 710, 710.750, allows an unauthorized attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs. Due to this...
CVE-2020-6256
SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 801, 802, 803, 804, allows users to display change request details without having required authorizations, due to Missing Authorization Check...
CVE-2020-6249
The use of an admin backend report within SAP Master Data Governance, versions - S4CORE 101, S4FND 102, 103, 104, SAPBSFND 748; allows an attacker to execute crafted database queries, exposing the backend database, leading to SQL Injection...
SAP Master Data Governance Authorization Issues Vulnerability
SAP Master Data Governance is a suite of data management tools from SAP Germany for maintaining, validating, and distributing master data. An authorization issue vulnerability exists in SAP Master Data Governance for Material Data, which stems from a failure to perform the required authorization...
SAP Master Data Governance Path Traversal Vulnerability
SAP Master Data Governance is a suite of data management tools from SAP Germany for maintaining, validating, and distributing master data. A path traversal vulnerability exists in SAP Master Data Governance, which stems from insufficient validation of user-supplied path information by the File...
CVE-2021-21475
Under specific circumstances SAP Master Data Management, versions - 710, 710.750, allows an unauthorized attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs. Due to this...
Unspecified Vulnerability in SAP Master Data Governance
SAP Master Data Governance is a suite of data management tools from SAP Germany for maintaining, validating, and distributing master data. A security vulnerability exists in SAP Master Data Governance that stems from a lack of authorization checks. An attacker could exploit the vulnerability to...
CVE-2020-6256
SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 801, 802, 803, 804, allows users to display change request details without having required authorizations, due to Missing Authorization Check...
Sql injection
The use of an admin backend report within SAP Master Data Governance, versions - S4CORE 101, S4FND 102, 103, 104, SAPBSFND 748; allows an attacker to execute crafted database queries, exposing the backend database, leading to SQL Injection...
Authorization
SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 801, 802, 803, 804, allows users to display change request details without having required authorizations, due to Missing Authorization Check...
CVE-2020-6256
SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 801, 802, 803, 804, allows users to display change request details without having required authorizations, due to Missing Authorization Check...
CVE-2020-6249
The use of an admin backend report within SAP Master Data Governance, versions - S4CORE 101, S4FND 102, 103, 104, SAPBSFND 748; allows an attacker to execute crafted database queries, exposing the backend database, leading to SQL Injection...