255 matches found
CVE-2020-6261
SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. The readability of the trace file is impaired...
CVE-2020-6261
SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. The readability of the trace file is impaired...
Input validation
SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. The readability of the trace file is impaired...
CVE-2020-6261
SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. The readability of the trace file is impaired...
CVE-2020-6261
SAP Solution Manager (Trace Analysis) 7.20 is affected. The issue allows log injection into the trace file due to incomplete XML validation, impairing readability of trace files. No explicit remediation or patch version is provided in the connected documents. References point to SAP notes/wiki en...
SAP Solution Manager Memory Corruption Vulnerability
SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...
CVE-2020-6260
SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist...
CVE-2020-6260
SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist...
CVE-2020-6260
SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist...
CVE-2020-6260
SAP Solution Manager (Trace Analysis) 7.20 is affected by CVE-2020-6260 due to incomplete XML validation, enabling an attacker to inject data that the application may display, exposing data that does not exist. The issue is network-accessible with low attack complexity and requires no authenticat...
CVE-2020-6238
SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability partially of SAP Commerce...
CVE-2020-6238
SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability partially of SAP Commerce...
Input validation
SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability partially of SAP Commerce...
CVE-2020-6238
SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability partially of SAP Commerce...
Palo Alto Networks PAN-OS Code Issue Vulnerability
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall appliances. Palo Alto Networks PAN-OS suffers from a code issue vulnerability that stems from the program's lack of XML validation. An attacker could exploit this vulnerability to inject arbitrary XM...
Input validation
Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 versions earlier than...
CVE-2020-1975 Missing XML Validation in PAN-OS Web Interface
Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 versions earlier than...
CVE-2020-6177
SAP Mobile Platform, version 3.0, does not sufficiently validate an XML document accepted from an untrusted source which could lead to partial denial of service. Since SAP Mobile Platform does not allow External-Entity resolving, there is no issue of leaking content of files on the server...
CVE-2020-6177
SAP Mobile Platform, version 3.0, does not sufficiently validate an XML document accepted from an untrusted source which could lead to partial denial of service. Since SAP Mobile Platform does not allow External-Entity resolving, there is no issue of leaking content of files on the server...
Xxe
SAP Mobile Platform, version 3.0, does not sufficiently validate an XML document accepted from an untrusted source which could lead to partial denial of service. Since SAP Mobile Platform does not allow External-Entity resolving, there is no issue of leaking content of files on the server...