CVE-2024-27899 : SAP NETWEAVER AS JAVA USER MANAGEMENT ENGINE 7.50 USER ADMIN APPLICATION PASSWORD RECOVERY
Description Self-Registration and Modify your own profile in User Admin Application of NetWeaver AS Java does not enforce proper security
CVE-2023-31403 : SAP SAP BUSINESS ONE 10.0 SMB SHARED FOLDER ACCESS CONTROL
Description SAP Business One installation – version 10.0, does not perform proper authentication and authorization checks for SMB shared folder.
CVE-2023-37483 : SAP POWERDESIGNER 16.7 PROXY ACCESS CONTROL
Description SAP PowerDesigner – version 16.7, has improper access control which might allow an unauthenticated attacker to run arbitrary queries
CVE-2023-27497 : SAP DIAGNOSTICS AGENT 720 ON WINDOWS EVENTLOGSERVICECOLLECTOR MISSING AUTHENTICATION
Description Due to missing authentication and input sanitization of code the EventLogServiceCollector of SAP Diagnostics Agent – version 720, allows
CVE-2023-23857 : SAP NETWEAVER AS FOR JAVA 7.50 OPEN INTERFACE IMPROPER AUTHENTICATION
Description Due to missing authentication check, SAP NetWeaver AS for Java – version 7.50, allows an unauthenticated attacker to attach
CVE-2022-32240 : SAP 3D VISUAL ENTERPRISE VIEWER JT FILE DENIAL OF SERVICE
Description When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received from untrusted sources in SAP 3D Visual Enterprise
SAP Business One 10.0 cleartext storage [CVE-2021-42066]
A vulnerability has been found in SAP Business One 10.0 and classified as problematic. This vulnerability affects an unknown code
SAP 3D Visual Enterprise Viewer 9.0 GIF File denial of service
A vulnerability was found in SAP 3D Visual Enterprise Viewer 9.0 and classified as problematic. This issue affects some unknown
SAP 3D Visual Enterprise Viewer 9.0 TIF Image File denial of service
A vulnerability was found in SAP 3D Visual Enterprise Viewer 9.0. It has been classified as problematic. Affected is an
SAP 3D Visual Enterprise Viewer 9.0 JT File denial of service
A vulnerability was found in SAP 3D Visual Enterprise Viewer 9.0. It has been declared as problematic. Affected by this
SAP Knowledge Warehouse 7.30/7.31/7.40/7.50 KW cross site scripting
A vulnerability was found in SAP Knowledge Warehouse 7.30/7.31/7.40/7.50 (Knowledge Base Software). It has been rated as problematic. Affected by
SAP NetWeaver Development Infrastructure up to 7.50The Query server-side request forgery
A vulnerability has been found in SAP NetWeaver Development Infrastructure up to 7.50The (Solution Stack Software) and classified as critical.
SAP NetWeaver Portal up to 7.50 Iviews Editor server-side request forgery
A vulnerability was found in SAP NetWeaver Portal up to 7.50 (Solution Stack Software) and classified as critical. This issue
SAP NetWeaver Development Infrastructure 7.31/7.40/7.50 NWDI Notification Service cross site scripting
A vulnerability was found in SAP NetWeaver Development Infrastructure 7.31/7.40/7.50 (Solution Stack Software). It has been classified as problematic. Affected
SAP Business One 10.0 Service Layer authorization
A vulnerability was found in SAP Business One 10.0. It has been declared as critical. Affected by this vulnerability is
SAP Cloud Connector 2.0 Backup ZIP File path traversal
A vulnerability was found in SAP Cloud Connector 2.0 (Cloud Software). It has been declared as critical. This vulnerability affects
SAP Cloud Connector 2.0 Configuration File os command injection
A vulnerability was found in SAP Cloud Connector 2.0 (Cloud Software). It has been rated as critical. This issue affects
SAP Cloud Connector 2.0 Backend Communication certificate validation
A vulnerability classified as critical has been found in SAP Cloud Connector 2.0 (Cloud Software). Affected is an unknown code
SAP BusinessObjects Business Intelligence Platform 420/430 unknown vulnerability
A vulnerability classified as problematic was found in SAP BusinessObjects Business Intelligence Platform 420/430 (Business Process Management Software). Applying a
SAP Business One 10.0 unrestricted upload [CVE-2021-33698]
A vulnerability, which was classified as critical, has been found in SAP Business One 10.0. Affected by this issue is
SAP DMIS Mobile Plug-In/SHANA NDZT Tool sql injection [CVE-2021-33701]
A vulnerability, which was classified as critical, was found in SAP DMIS Mobile Plug-In and SHANA (the affected version unknown).
SAP Cloud Connector 2.0 cross site scripting [CVE-2021-33694]
A vulnerability was found in SAP Cloud Connector 2.0 (Cloud Software). It has been declared as problematic. This vulnerability affects
SAP BusinessObjects Business Intelligence Platform 420/430 cross site scripting
A vulnerability was found in SAP BusinessObjects Business Intelligence Platform 420/430 (Business Process Management Software). It has been rated as
SAP Business One 10.0 authentication bypass [CVE-2021-33700]
A vulnerability classified as critical has been found in SAP Business One 10.0. Affected is some unknown functionality. Applying a