13 matches found
EUVD-2023-28539
Malicious code in bioql PyPI...
EUVD-2023-29555
Malicious code in bioql PyPI...
Insecure TLS Configuration
wolfssl uses Insecure TLS Configuration. When generating the session master secret, the IKM value is utilized as a default predictable buffer, which may compromise the key and make it possible for listeners to reconstruct it. This could provide access to alteration of the contents of session...
CVE-2023-25615 SQL Injection vulnerability in SAP ABAP Platform
Due to insufficient input sanitization, SAP ABAP - versions 751, 753, 753, 754, 756, 757, 791, allows an authenticated high privileged user to alter the current session of the user by injecting the malicious database queries over the network and gain access to the unintended data. This may lead t...
SAP ABAP Platform SQL Injection Vulnerability
SAP ABAP Platform is an ABAP-based SAP solution from SAP, Germany. SAP ABAP Platform suffers from a SQL injection vulnerability that stems from inadequate input cleanup, which can be exploited by an authenticated attacker to alter a user's current session and gain access to unintended data by...
CVE-2023-24522
Due to insufficient input sanitization, SAP NetWeaver AS ABAP Business Server Pages - versions 700, 701, 702, 731, 740, allows an unauthenticated user to alter the current session of the user by injecting the malicious code over the network and gain access to the unintended data. This may lead to...
CVE-2023-24522
CVE-2023-24522 affects SAP NetWeaver AS ABAP (Business Server Pages) and versions 700, 701, 702, 731, 740. Root cause: insufficient input sanitization that allows an unauthenticated user to inject malicious code over the network to alter a user’s current session, potentially exposing data. Impact...
CVE-2023-24521
Due to insufficient input sanitization, SAP NetWeaver AS ABAP BSP Framework - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, allows an unauthenticated user to alter the current session of the user by injecting the malicious code over the network and gain access to the...
CVE-2023-24521
CVE-2023-24521 affects SAP NetWeaver AS ABAP (BSP Framework) versions 700–757. The issue stems from insufficient input sanitization, allowing an unauthenticated user to inject malicious code over the network to alter the current user session and access unintended data, with a limited impact on co...
PT-2023-19670 · SAP · SAP NetWeaver AS ABAP
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP Business Server Pages versions 700, 701, 702, 731, 740 Description: The issue is caused by insufficient input sanitization, allowing an unauthenticated user to alter the current session of the user by injecting malicious...
PT-2023-19669 · SAP · SAP NetWeaver AS ABAP
Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP BSP Framework versions 700 through 757 Description: The issue is caused by insufficient input sanitization, allowing an unauthenticated user to alter the current session of the user by injecting malicious code over the...
CVE-2022-41208
Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker with user privileges to alter current user session. On successful exploitation, the attacker can view or modify information, causing a limited impact on confidentiality and integrity...
CVE-2022-41208
Due to insufficient input validation, SAP Financial Consolidation - version 1010, allows an authenticated attacker with user privileges to alter current user session. On successful exploitation, the attacker can view or modify information, causing a limited impact on confidentiality and integrity...