Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 2025/11/12 12:36 a.m.8 views

CVE-2025-42899

SAP S4CORE Manage journal entries does not perform necessary authorization checks for an authenticated user resulting in escalation of privileges. This has low impact on confidentiality of the application with no impact on integrity and availability of the application...

4.3CVSS6.9AI score0.00219EPSS
Exploits0References1
NVD
NVD
added 2025/11/11 1:15 a.m.4 views

CVE-2025-42899

SAP S4CORE Manage journal entries does not perform necessary authorization checks for an authenticated user resulting in escalation of privileges. This has low impact on confidentiality of the application with no impact on integrity and availability of the application...

4.3CVSS0.00219EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/11/11 12:0 a.m.6 views

PT-2025-46237

Name of the Vulnerable Software and Affected Versions SAP S4CORE affected versions not specified Description The software does not perform required authorization checks for authenticated users when managing journal entries, potentially allowing for privilege escalation. The issue has a low impact...

4.3CVSS6.2AI score0.00219EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-14347

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00255EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-10092

Malicious code in bioql PyPI...

4.3CVSS6.6AI score0.00249EPSS
Exploits0References3
CNVD
CNVD
added 2025/05/28 12:0 a.m.5 views

SAP S4CORE Information Disclosure Vulnerability

SAP S4CORE is an application for managing procurement contracts from SAP. SAP S4CORE suffers from an information disclosure vulnerability that stems from a lack of authorization checks, which can be exploited by an attacker to cause information disclosure...

4.3CVSS6.5AI score0.00255EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/15 1:11 a.m.24 views

CVE-2025-43002

SAP S4CORE OData meta-data property allows an authenticated attacker to access restricted information due to missing authorization check. This could cause a low impact on confidentiality but integrity and availability of the application are not impacted...

4.3CVSS6.4AI score0.00255EPSS
Exploits0References1
NVD
NVD
added 2025/05/13 1:15 a.m.18 views

CVE-2025-43002

SAP S4CORE OData meta-data property allows an authenticated attacker to access restricted information due to missing authorization check. This could cause a low impact on confidentiality but integrity and availability of the application are not impacted...

4.3CVSS0.00255EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.5 views

PT-2025-20814 · Sap · Sap S4Core

Name of the Vulnerable Software and Affected Versions: SAP S4CORE affected versions not specified Description: The issue allows an authenticated attacker to access restricted information due to a missing authorization check in the OData meta-data property. This could cause a low impact on...

4.3CVSS5.8AI score0.00255EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/04/10 8:22 a.m.17 views

CVE-2025-31333

SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...

4.3CVSS6.9AI score0.00249EPSS
Exploits0References1
NVD
NVD
added 2025/04/08 8:15 a.m.7 views

CVE-2025-31333

SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...

4.3CVSS0.00249EPSS
Exploits0References2
CVE
CVE
added 2025/04/08 7:15 a.m.60 views

CVE-2025-31333

The CVE-2025-31333 issue affects SAP S4CORE : an OData meta-data property vulnerability that could allow data tampering to externally modify an entity set, with low integrity impact and no impact to confidentiality or availability. Advisories note SAP has released patches to fix this and other SA...

4.3CVSS7AI score0.00249EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/08 7:15 a.m.23 views

CVE-2025-31333 Odata meta-data tampering in SAP S4CORE entity

SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...

4.3CVSS0.00249EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/04/08 7:15 a.m.5 views

CVE-2025-31333 Odata meta-data tampering in SAP S4CORE entity

SAP S4CORE OData meta-data property is vulnerable to data tampering, due to which entity set could be externally modified by an attacker causing low impact on integrity of the application. Confidentiality and availability is not impacted...

4.3CVSS7AI score0.00249EPSS
Exploits0References2
Symantec
Symantec
added 2019/12/10 12:0 a.m.26 views

SAP Portfolio and Project Management CVE-2019-0399 Information Disclosure Vulnerability

Description SAP Portfolio and Project Management is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected SAP Portfolio and Project Management SAP S4CORE 1.02 SAP S4CORE...

0.3AI score0.00882EPSS
Exploits0References1Affected Software1
Symantec
Symantec
added 2019/11/12 12:0 a.m.30 views

SAP Treasury and Risk Management CVE-2019-0383 Remote Authorization Bypass Vulnerability

Description SAP Treasury and Risk Management is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP EA-FINSERV 6.0 SAP EA-FINSERV 6.03 SAP EA-FINSE...

0.8AI score0.01111EPSS
Exploits0References1Affected Software2
Symantec
Symantec
added 2019/11/12 12:0 a.m.34 views

SAP Treasury and Risk Management CVE-2019-0384 Remote Authorization Bypass Vulnerability

Description SAP Treasury and Risk Management is prone to an authorization-bypass vulnerability. Attackers can exploit this issue to gain unauthorized access and obtain sensitive information. This may aid in further attacks. Technologies Affected SAP EA-FINSERV 6.0 SAP EA-FINSERV 6.03 SAP EA-FINSE...

0.8AI score0.00887EPSS
Exploits0References1Affected Software2
Rows per page
Query Builder