|
421
|
- |
|
-
|
-
|
Under certain conditions, Support Web Pages of SAP NetWeaver Process Integration (PI) - versions 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact…
Update
|
-
|
CVE-2024-28163
|
2024-09-29 08:15 |
2024-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
422
|
- |
|
-
|
-
|
Under certain condition SAP NetWeaver (Enterprise Portal) - version 7.50 allows an attacker to access information which would otherwise be restricted causing low impact on confidentiality of the appl…
Update
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-25645
|
2024-09-29 08:15 |
2024-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
423
|
- |
|
-
|
-
|
Under certain conditions SAP NetWeaver WSRM - version 7.50, allows an attacker to access information which would otherwise be restricted, causing low impact on Confidentiality with no impact on Integ…
Update
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-25644
|
2024-09-29 08:15 |
2024-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
424
|
- |
|
-
|
-
|
SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.93, KERNEL 7.94, KRNL64UC 7.53, under certain conditions, allows an attack…
Update
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2024-24740
|
2024-09-29 08:15 |
2024-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
425
|
6.5 |
MEDIUM
Network
sap
|
s\/4hana_finance
|
SAP S/4HANA Finance for (Advanced Payment Management) - versions SAPSCORE 128, S4CORE 107, does not perform necessary authorization checks. A function import could be triggered allowing the attacker …
Update
|
CWE-863
Incorrect Authorization
|
CVE-2024-21736
|
2024-09-29 08:15 |
2024-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
426
|
9.8 |
CRITICAL
Network
sap
|
cloud-security-client-go
|
SAP BTP Security Services Integration Library ([Golang] github.com/sap/cloud-security-client-go) - versions < 0.17.0, allow under certain conditions an escalation of privileges. On successful exploit…
Update
|
CWE-749
Exposed Dangerous Method or Function
|
CVE-2023-50424
|
2024-09-29 08:15 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
427
|
9.8 |
CRITICAL
Network
sap
|
sap-xssec
|
SAP BTP Security Services Integration Library ([Python] sap-xssec) - versions < 4.1.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated attac…
Update
|
CWE-749
Exposed Dangerous Method or Function
|
CVE-2023-50423
|
2024-09-29 08:15 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
428
|
9.8 |
CRITICAL
Network
sap
|
cloud-security-services-integration-library
|
SAP BTP Security Services Integration Library ([Java] cloud-security-services-integration-library) - versions below 2.17.0 and versions from 3.0.0 to before 3.3.0, allow under certain conditions an e…
Update
|
CWE-749
Exposed Dangerous Method or Function
|
CVE-2023-50422
|
2024-09-29 08:15 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
429
|
9.8 |
CRITICAL
Network
sap
|
\@sap\/xssec
|
SAP BTP Security Services Integration Library ([Node.js] @sap/xssec - versions < 3.6.0, allow under certain conditions an escalation of privileges. On successful exploitation, an unauthenticated atta…
Update
|
CWE-749
Exposed Dangerous Method or Function
|
CVE-2023-49583
|
2024-09-29 08:15 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
430
|
7.3 |
HIGH
Network
sap
|
graphical_user_interface
|
SAP GUI for Windows and SAP GUI for Java - versions SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP_BASIS 758, allow an unauthenticated attacker to access information which would otherwise be restri…
Update
|
NVD-CWE-noinfo
|
CVE-2023-49580
|
2024-09-29 08:15 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
