Vulnerabilidades em SAP
159 resultadosCVE-2018-2488—It is possible for a malware application installed on an Android device to send local push notifications with an empty message to SAP Fiori EPSS 0.8%CVE-2018-2460—SAP Business One Android application, version 1.2, does not verify the certificate properly for HTTPS connection. This allows attacker to doEPSS 0.8%CVE-2018-2486—SAP Marketing (UICUAN (1.20, 1.30, 1.40), SAPSCORE (1.13, 1.14)) does not sufficiently encode user-controlled inputs, resulting in Cross-SitEPSS 0.8%CVE-2018-2494—Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAPEPSS 0.8%CVE-2018-2466—In Impact and Lineage Analysis in SAP Data Services, version 4.2, the management console does not sufficiently validate user-controlled inpuEPSS 0.8%CVE-2023-27497CRITICALMultiple vulnerabilities in SAP Diagnostics Agent (EventLogServiceCollector)EPSS 0.8%CVE-2018-2490—The broadcast messages received by SAP Fiori Client are not protected by permissions. SAP Fiori Client version 1.11.5 in Google Play store aEPSS 0.7%CVE-2018-2432—SAP BusinessObjects Business Intelligence (BI Launchpad and Central Management Console) versions 4.10, 4.20 and 4.30 allow an attacker to inEPSS 0.7%CVE-2023-0022CRITICALCode Injection vulnerability in SAP BusinessObjects Business Intelligence platform (Analysis edition for OLAP)EPSS 0.7%CVE-2018-2442—In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the userEPSS 0.7%CVE-2023-0014CRITICALCapture-replay vulnerability in SAP NetWeaver AS for ABAP and ABAP PlatformEPSS 0.7%CVE-2018-2474—SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) application allows an attacker to trick an authenticated user to send unintEPSS 0.7%CVE-2022-31596MEDIUMUnder certain conditions, an attacker authenticated as a CMS administrator and with high privileges access to the Network in SAP BusinessObjEPSS 0.7%CVE-2023-27897MEDIUMCode Injection vulnerability in SAP CRMEPSS 0.7%CVE-2023-27894MEDIUMSensitive Information Disclosure in the SAP BusinessObjects Business Intelligence platformEPSS 0.6%CVE-2023-0016CRITICALSQL Injection vulnerability in SAP Business Planning and Consolidation MSEPSS 0.6%CVE-2023-25618MEDIUMDenial of Service (DoS) vulnerability in SAP NetWeaver AS for ABAP and ABAP PlatformEPSS 0.6%CVE-2023-27270MEDIUMDenial of Service (DoS) in SAP NetWeaver AS for ABAP and ABAP PlatformEPSS 0.6%CVE-2023-28763MEDIUMDenial of Service in SAP NetWeaver AS for ABAP and ABAP PlatformEPSS 0.6%CVE-2023-24526MEDIUMImproper Access Control in SAP NetWeaver AS Java (Classload Service)EPSS 0.6%