27 matches found
(0Day) Microsoft ASP.NET SOAP Execution Restriction Bypass Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft ASP.NET. Authentication may be required to exploit this vulnerability depending upon configuration. Additionally, specific configuration is required. The specific flaw exists within the...
EUVD-2012-4008
Malware in sbrugna...
EUVD-2017-8058
Malware in sbrugna...
CVE-2025-2500
A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain unauthorized access to the product and the time window of a possible password attack could be expanded...
CVE-2025-2500
A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain unauthorized access to the product and the time window of a possible password attack could be expanded...
CVE-2025-2500
A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain unauthorized access to the product and the time window of a possible password attack could be expanded...
CVE-2025-2500
CVE-2025-2500 affects Hitachi Energy Asset Suite SOAP Web services. Public documentation indicates a vulnerability in SOAP-based interfaces that could allow an attacker to gain unauthorized access and potentially extend the window for password attacks. Reported CVSS data (3.1: High, 7.4; 4.0: Cri...
CVE-2025-2500
A vulnerability exists in the SOAP Web services of the Asset Suite versions listed below. If successfully exploited, an attacker could gain unauthorized access to the product and the time window of a possible password attack could be expanded...
PT-2025-23284 · Unknown · Asset Suite
Name of the Vulnerable Software and Affected Versions: Asset Suite versions affected versions not specified Description: A vulnerability exists in the SOAP Web services, allowing an attacker to gain unauthorized access to the product if successfully exploited. This could also expand the time wind...
CVE-2022-28213
When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS...
CVE-2021-31600
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. They implement a series of web services using the SOAP protocol to allow scripting interaction with the backend server. An authenticated user regardless of privileges can list all...
python-suds bug fix and enhancement update
An update is available for python-suds. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The suds project is a python soap web services client lib. Suds leverages...
CVE-2022-28213
When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS...
CVE-2022-28213
When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS...
Code injection
When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS...
EUVD-2022-32667
When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS...
PT-2022-18878 · Sap · Sap Businessobjects Business Intelligence Platform
Name of the Vulnerable Software and Affected Versions: SAP BusinessObjects Business Intelligence Platform versions 420, 430 Description: The issue arises when a user accesses SOAP Web services, and the system fails to sufficiently validate the XML document accepted from an untrusted source. This...
CVE-2021-31601
An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. They implement a series of web services using the SOAP protocol to allow scripting interaction with the backend server. An authenticated user regardless of privileges can list all...
Security Bulletin: Financial Transaction Manager for Corporate Payment Services for Multi-Platform is affected by a potential SQL Injection vulnerability CVE-2018-1819
Summary Financial Transaction Manager for Corporate Payment Services for Multi-Platform FTM CPS has addressed the following vulnerability: Potential SQL Injection CVE-2018-1819 Vulnerability Details CVEID: CVE-2018-1819 DESCRIPTION: IBM Financial Transaction Manager for Digital Payments for...
Debian: Security Advisory (DLA-1036-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...