711
|
8.8 |
HIGH
Network
|
qnap
|
video_station
|
An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to execute commands via a network.
We have already fi…
|
CWE-78 CWE-77
OS Command Command Injection
|
CVE-2023-47563
|
2024-09-29 08:47 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
712
|
8.8 |
HIGH
Network
|
qnap
|
video_station
|
A SQL injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We have already fixed…
|
CWE-89
SQL Injection
|
CVE-2023-50360
|
2024-09-29 08:44 |
2024-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
713
|
- |
|
-
|
-
|
SAP Business Objects Business Intelligence Platform is vulnerable to Insecure Storage as dynamic web pages are getting cached even after logging out. On successful exploitation, the attacker can see …
|
CWE-524 CWE-922
Use of Cache Containing Sensitive Information Insecure Storage of Sensitive Information
|
CVE-2024-33004
|
2024-09-29 08:15 |
2024-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
714
|
- |
|
-
|
-
|
The ABAP Application Server of SAP NetWeaver as well as ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. This leads t…
|
CWE-605
Multiple Binds to the Same Port
|
CVE-2024-30218
|
2024-09-29 08:15 |
2024-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
715
|
- |
|
-
|
-
|
Due to improper validation, SAP BusinessObject Business Intelligence Launch Pad allows an authenticated attacker to access operating system information using crafted document. On successful exploitat…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-25646
|
2024-09-29 08:15 |
2024-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
716
|
- |
|
-
|
-
|
Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact…
|
-
|
CVE-2024-28163
|
2024-09-29 08:15 |
2024-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
717
|
- |
|
-
|
-
|
Under certain condition SAP NetWeaver (Enterprise Portal) - version 7.50 allows an attacker to access information which would otherwise be restricted causing low impact on confidentiality of the appl…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-25645
|
2024-09-29 08:15 |
2024-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
718
|
- |
|
-
|
-
|
Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integ…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-25644
|
2024-09-29 08:15 |
2024-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
719
|
- |
|
-
|
-
|
SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.93, KERNEL 7.94, KRNL64UC 7.53, under certain conditions, allows an attack…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-24740
|
2024-09-29 08:15 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
720
|
6.5 |
MEDIUM
Network
sap
|
s\/4hana_finance
|
SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does not perform necessary authorization checks. A function import could be triggered allowing the attacker …
|
CWE-863
Incorrect Authorization
|
CVE-2024-21736
|
2024-09-29 08:15 |
2024-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|