Lucene search
K

255 matches found

NVD
NVD
added 2020/07/01 1:15 p.m.16 views

CVE-2020-6261

SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. The readability of the trace file is impaired...

5.3CVSS0.00775EPSS
Exploits0References2
OSV
OSV
added 2020/07/01 1:15 p.m.2 views

CVE-2020-6261

SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. The readability of the trace file is impaired...

5.3CVSS6.1AI score0.00775EPSS
Exploits0References2
Prion
Prion
added 2020/07/01 1:15 p.m.16 views

Input validation

SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. The readability of the trace file is impaired...

5CVSS5.5AI score0.00775EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/07/01 12:55 p.m.21 views

CVE-2020-6261

SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation. The readability of the trace file is impaired...

5.3CVSS5.5AI score0.00775EPSS
Exploits0References2
CVE
CVE
added 2020/07/01 12:55 p.m.44 views

CVE-2020-6261

SAP Solution Manager (Trace Analysis) 7.20 is affected. The issue allows log injection into the trace file due to incomplete XML validation, impairing readability of trace files. No explicit remediation or patch version is provided in the connected documents. References point to SAP notes/wiki en...

5.3CVSS5.5AI score0.00775EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2020/06/11 12:0 a.m.1 views

SAP Solution Manager Memory Corruption Vulnerability

SAP Solution Manager is a set of system monitoring, SAP support desktop, self-service, ASAP implementation and other functions of the German SAP company as one of the system management platform. The platform can help customers establish SAP solution lifecycle management, and provide system...

6.5CVSS6.8AI score0.00775EPSS
Exploits0References1
OSV
OSV
added 2020/06/10 1:15 p.m.3 views

CVE-2020-6260

SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist...

5.3CVSS6.5AI score0.00775EPSS
Exploits0References2
NVD
NVD
added 2020/06/10 1:15 p.m.11 views

CVE-2020-6260

SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist...

6.5CVSS0.00775EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/06/10 12:44 p.m.18 views

CVE-2020-6260

SAP Solution Manager Trace Analysis, version 7.20, allows an attacker to inject superflous data that can be displayed by the application, due to Incomplete XML Validation. The application shows additional data that do not actually exist...

6.5CVSS5.3AI score0.00775EPSS
Exploits0References2
CVE
CVE
added 2020/06/10 12:44 p.m.49 views

CVE-2020-6260

SAP Solution Manager (Trace Analysis) 7.20 is affected by CVE-2020-6260 due to incomplete XML validation, enabling an attacker to inject data that the application may display, exposing data that does not exist. The issue is network-accessible with low attack complexity and requires no authenticat...

6.5CVSS5.2AI score0.00775EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/04/14 7:15 p.m.3 views

CVE-2020-6238

SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability partially of SAP Commerce...

9.3CVSS5.8AI score0.0131EPSS
Exploits0References2
NVD
NVD
added 2020/04/14 7:15 p.m.18 views

CVE-2020-6238

SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability partially of SAP Commerce...

9.3CVSS9.2AI score0.0131EPSS
Exploits0References2
Prion
Prion
added 2020/04/14 7:15 p.m.15 views

Input validation

SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability partially of SAP Commerce...

6.4CVSS9AI score0.0131EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2020/04/14 6:39 p.m.17 views

CVE-2020-6238

SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest API from Servlet xyformsweb, leading to Missing XML Validation. This affects confidentiality and availability partially of SAP Commerce...

9.3CVSS9.2AI score0.0131EPSS
Exploits0References2
CNVD
CNVD
added 2020/02/13 12:0 a.m.4 views

Palo Alto Networks PAN-OS Code Issue Vulnerability

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks for its firewall appliances. Palo Alto Networks PAN-OS suffers from a code issue vulnerability that stems from the program's lack of XML validation. An attacker could exploit this vulnerability to inject arbitrary XM...

8.8CVSS7.2AI score0.00998EPSS
Exploits0References1
Prion
Prion
added 2020/02/12 11:15 p.m.17 views

Input validation

Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 versions earlier than...

6.5CVSS8.6AI score0.00998EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/02/12 10:57 p.m.19 views

CVE-2020-1975 Missing XML Validation in PAN-OS Web Interface

Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 versions earlier than...

6.8CVSS8.7AI score0.00998EPSS
Exploits0References1
OSV
OSV
added 2020/02/12 8:15 p.m.5 views

CVE-2020-6177

SAP Mobile Platform, version 3.0, does not sufficiently validate an XML document accepted from an untrusted source which could lead to partial denial of service. Since SAP Mobile Platform does not allow External-Entity resolving, there is no issue of leaking content of files on the server...

4.3CVSS5.8AI score0.00847EPSS
Exploits0References2
NVD
NVD
added 2020/02/12 8:15 p.m.17 views

CVE-2020-6177

SAP Mobile Platform, version 3.0, does not sufficiently validate an XML document accepted from an untrusted source which could lead to partial denial of service. Since SAP Mobile Platform does not allow External-Entity resolving, there is no issue of leaking content of files on the server...

4.3CVSS4.5AI score0.00847EPSS
Exploits0References2
Prion
Prion
added 2020/02/12 8:15 p.m.15 views

Xxe

SAP Mobile Platform, version 3.0, does not sufficiently validate an XML document accepted from an untrusted source which could lead to partial denial of service. Since SAP Mobile Platform does not allow External-Entity resolving, there is no issue of leaking content of files on the server...

4CVSS4.6AI score0.00847EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder