Vulnerabilidades em SAP SE

778 resultados
CVE-2021-21488MEDIUMKnowledge Management versions 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 allows a remote attacker with basic privileges to deserialize user-controllEPSS 1.3%CVE-2021-44231Internally used text extraction reports allow an attacker to inject code that can be executed by the application. An attacker could thereby EPSS 1.3%CVE-2020-6304MEDIUMImproper input validation in SAP NetWeaver Internet Communication Manager (update provided in KRNL32NUC & KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EPSS 1.3%CVE-2020-26823CRITICALSAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorizatEPSS 1.3%CVE-2020-26824CRITICALSAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorizatEPSS 1.3%CVE-2020-26822CRITICALSAP Solution Manager (JAVA stack), version - 7.20, allows an unauthenticated attacker to compromise the system because of missing authorizatEPSS 1.3%CVE-2022-27667Under certain conditions, SAP BusinessObjects Business Intelligence platform, Client Management Console (CMC) - version 430, allows an attacEPSS 1.3%CVE-2022-22544Solution Manager (Diagnostics Root Cause Analysis Tools) - version 720, allows an administrator to execute code on all connected DiagnosticsEPSS 1.3%CVE-2019-0247SAP Cloud Connector, before version 2.11.3, allows an attacker to inject code that can be executed by the application. An attacker could theEPSS 1.3%CVE-2018-2381SAP ERP Financials Information System (SAP_APPL 6.00, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16; SAP_FIN 6.17, 6.18, 7.00, 7.20, 7.30 S4CORE 1.00, EPSS 1.3%CVE-2020-6219CRITICALSAP Business Objects Business Intelligence Platform (CrystalReports WebForm Viewer), versions 4.1, 4.2, and Crystal Reports for VS version 2EPSS 1.3%CVE-2021-40500SAP BusinessObjects Business Intelligence Platform (Crystal Reports) - versions 420, 430, allows an unauthenticated attacker to exploit missEPSS 1.3%CVE-2018-2409MEDIUMImproper session management when using SAP Cloud Platform 2.0 (Connectivity Service and Cloud Connector). Under certain conditions, data of EPSS 1.3%CVE-2021-38178The software logistics system of SAP NetWeaver AS ABAP and ABAP Platform versions - 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 7EPSS 1.3%CVE-2019-0349SAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT,EPSS 1.2%CVE-2021-33699HIGHTask Hijacking is a vulnerability that affects the applications running on Android devices due to a misconfiguration in their AndroidManifesEPSS 1.2%CVE-2018-2361In SAP Solution Manager 7.20, the role SAP_BPO_CONFIG gives the Business Process Operations (BPO) configuration user more authorization thanEPSS 1.2%CVE-2021-21473MEDIUMSAP NetWeaver AS ABAP and ABAP Platform, versions - 700, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, contains function modulEPSS 1.2%CVE-2021-27588MEDIUMWhen a user opens manipulated HPGL format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the applicatioEPSS 1.2%CVE-2021-27589MEDIUMWhen a user opens manipulated Scalable Vector Graphics (.SVG) format files received from untrusted sources in SAP 3D Visual Enterprise VieweEPSS 1.2%