For individuals

A vulnerability classified as problematic was found in CodeAstro Simple Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /doctor.html of the...

SAP?BusinessObjects Business?Intelligence Platform (Web Intelligence) is vulnerable to HTML Injection, allowing an attacker with basic user privileges to inject malicious code into specific input...

SAP Business Warehouse and SAP Plug-In Basis allows an authenticated attacker to add fields to arbitrary SAP database tables and/or structures, potentially rendering the system unusable. On...

SAP Netweaver System Configuration does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This could completely compromise the integrity...

SAP NetWeaver Business Warehouse CCAW application allows a privileged attacker to cause a high CPU load by executing a RFC enabled function modules without any input parameters, which results in...

An unauthenticated attacker may exploit a scenario where a Hashed Message Authentication Code (HMAC) credential, extracted from a system missing specific security patches, is reused in a replay...

SAP Business Warehouse and SAP BW/4HANA BEx Tools allow an authenticated attacker to gain higher access levels than intended by exploiting improper authorization checks. This could potentially...

Due to a missing authorization check in SAP NetWeaver Application server for ABAP, an authenticated user with high privileges could exploit the insufficient validation of user permissions to access...

SAP Business Warehouse (Business Explorer Web) allows an attacker to create a malicious link. If an authenticated user clicks on this link, the injected script gets executed within the scope of...

A critical vulnerability in SAP NetWeaver Application server for Java Log Viewer enables authenticated administrator users to exploit unsafe Java object deserialization. Successful exploitation can...