|
211271
|
9.9 |
CRITICAL
Network
|
cisco
|
jabber
jabber_for_mobile_platforms
|
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) w…
|
CWE-269
Improper Privilege Management
|
CVE-2020-27132
|
2024-11-21 14:20 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211272
|
9.9 |
CRITICAL
Network
|
cisco
|
jabber
jabber_for_mobile_platforms
|
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) w…
|
CWE-269
Improper Privilege Management
|
CVE-2020-27127
|
2024-11-21 14:20 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211273
|
9.1 |
CRITICAL
Network
|
sap
|
solution_manager
|
SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, allows an authenticated user to upload a malicious script that can exploit an existing path traversal vulnerability to compromise…
|
CWE-22
Path Traversal
|
CVE-2020-26837
|
2024-11-21 14:20 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211274
|
6.1 |
MEDIUM
Network
|
sap
|
solution_manager
|
SAP Solution Manager (Trace Analysis), version - 720, allows for misuse of a parameter in the application URL leading to Open Redirect vulnerability, an attacker can enter a link to malicious site wh…
|
CWE-601
Open Redirect
|
CVE-2020-26836
|
2024-11-21 14:20 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211275
|
9.1 |
CRITICAL
Network
|
sap
|
bw\/4hana
business_warehouse
|
SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges t…
|
CWE-78
OS Command
|
CVE-2020-26838
|
2024-11-21 14:20 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211276
|
6.1 |
MEDIUM
Network
|
sap
|
netweaver_application_server_abap
|
SAP NetWeaver AS ABAP, versions - 740, 750, 751, 752, 753, 754 , does not sufficiently encode URL which allows an attacker to input malicious java script in the URL which could be executed in the bro…
|
CWE-79
Cross-site Scripting
|
CVE-2020-26835
|
2024-11-21 14:20 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211277
|
5.4 |
MEDIUM
Network
|
sap
|
hana_database
|
SAP HANA Database, version - 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. It is possible to manipulate a valid existing SAML bearer token…
|
CWE-287
Improper Authentication
|
CVE-2020-26834
|
2024-11-21 14:20 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211278
|
9.6 |
CRITICAL
Network
|
sap
|
businessobjects_business_intelligence_platform
|
SAP BusinessObjects BI Platform (Crystal Report), versions - 4.1, 4.2, 4.3, does not sufficiently validate uploaded XML entities during crystal report generation due to missing XML validation, An att…
|
NVD-CWE-Other
|
CVE-2020-26831
|
2024-11-21 14:20 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211279
|
6.4 |
MEDIUM
Network
|
sap
|
disclosure_management
|
SAP Disclosure Management, version - 10.1, provides capabilities for authorized users to upload and download content of specific file type. In some file types it is possible to enter formulas which c…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-26828
|
2024-11-21 14:20 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211280
|
6.5 |
MEDIUM
Network
|
sap
|
netweaver_application_server_java
|
Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7.31, 7.40, 7.50, allows an attacker to upload any file (including script files) without proper file format validation, leading to …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-26826
|
2024-11-21 14:20 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
