46 matches found
EUVD-2020-27352
Malware in sbrugna...
EUVD-2020-27463
Malware in sbrugna...
EUVD-2022-30670
Malicious code in bioql PyPI...
EUVD-2024-30750
Malicious code in bioql PyPI...
EUVD-2024-22139
Malicious code in bioql PyPI...
EUVD-2021-27680
Malicious code in bioql PyPI...
CVE-2025-42956 Multiple vulnerabilities in SAP NetWeaver Application Server ABAP
SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to create a malicious link which they can make publicly available. When an authenticated victim clicks on this malicious link, injected input data will be used by the web site page generation to create...
CVE-2025-42981 Multiple vulnerabilities in SAP NetWeaver Application Server ABAP
Due to an open redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft a URL link embedding a malicious script at a location not properly sanitized. When a victim clicks on this link, the script executes within the victim's browser, redirecting the...
PT-2025-28293 · Sap · Sap Netweaver Application Server Java
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server Java affected versions not specified Description: The issue concerns a component in SAP NetWeaver Application Server Java that handles outbound TLS connections. This component does not properly verify the...
CVE-2024-45279
Due to insufficient input validation, CRM Blueprint Application Builder Panel of SAP NetWeaver Application Server for ABAP allows an unauthenticated attacker to craft a URL link which could embed a malicious JavaScript. When a victim clicks on this link, the script will be executed in the victim'...
CVE-2024-33005
Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server ABAP and Java, and SAP Content Server can impersonate other users and may perform some unintended actions. This could lead to a low impact on confidentiality and a...
CVE-2023-24526
SAP NetWeaver Application Server Java for Classload Service - version 7.50, does not perform any authentication checks for functionalities that require user identity, resulting in escalation of privileges. This failure has a low impact on confidentiality of the data such that an unassigned user c...
CVE-2021-21485
An unauthorized attacker may be able to entice an administrator to invoke telnet commands of an SAP NetWeaver Application Server for Java that allow the attacker to gain NTLM hashes of a privileged user...
CVE-2019-0318
Under certain conditions SAP NetWeaver Application Server for Java Startup Framework, versions 7.21, 7.22, 7.45, 7.49, and 7.53, allows an attacker to access information which would otherwise be restricted...
CVE-2019-0345
A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java Administrator System Overview, versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication credentials for its own SAP...
PT-2025-15363 · Sap · Sap Netweaver Application Server Abap
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver Application Server ABAP affected versions not specified Description: The issue allows an authenticated attacker to craft a Remote Function Call RFC request to restricted destinations, exposing credentials for a remote service...
SAP NetWeaver Application Server Java Authorization Issues Vulnerability
SAP NetWeaver Application Server Java is an application server from SAP. An authorization issue vulnerability exists in SAP NetWeaver Application Server Java, which arises from the program not properly checking the authorization of the service endpoint, no details of the vulnerability are availab...
SAP NetWeaver Application Server Information Disclosure Vulnerability
SAP NetWeaver Application Server is an application server from SAP, Germany. An information disclosure vulnerability exists in SAP NetWeaver Application Server ABAP, which can be exploited by an attacker with administrative or user directory privileges to disclose data and compromise program...
SAP NetWeaver Application Server Java Cross-Site Scripting Vulnerability
SAP NetWeaver Application Server Java is a German SAP SAP company provides a Java runtime environment of the application server. The product is mainly used to develop and run Java EE applications. A cross-site scripting vulnerability exists in SAP NetWeaver Application Server Java, which can be...
CVE-2025-0054 Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Application Server Java
SAP NetWeaver Application Server Java does not sufficiently handle user input, resulting in a stored cross-site scripting vulnerability. The application allows attackers with basic user privileges to store a Javascript payload on the server, which could be later executed in the victim's web...