Szolgáltatóknak

SAP S/4HANA and SAP SCM Characteristic Propagation has remote code execution vulnerability. This allows an attacker with high privileges to create a new report with his own code potentially gaining...

SAP NetWeaver allows an authenticated non-administrative user to call the remote-enabled function module which could grants access to non-sensitive information about the SAP system and OS without...

SAP NetWeaver Application Server ABAP and ABAP Platform allows an unauthenticated attacker to inject a malicious script into a dynamically crafted URL. The victim, when tricked into clicking on...

SAPCAR improperly sanitizes the file paths while extracting SAPCAR archives. Due to this, an attacker could craft a malicious SAPCAR archive containing directory traversal sequences. When a high...

A memory corruption vulnerability exists in SAPCAR allowing an attacker to craft malicious SAPCAR archives. When a high privileged victim extracts this malicious archive, it gets processed by...

Due to a Cross-Site Scripting vulnerability in SAP Data Services Management Console, an authenticated attacker could exploit the search functionality associated with DQ job status reports. By...

Due to missing authorization check, an attacker authenticated as a non-administrative user could call a remote-enabled function module. This could enable access to information normally restricted,...

The widely used component that establishes outbound TLS connections in SAP NetWeaver Application Server Java does not reliably match the hostname that is used for the connection against the...

The GuiXT application, which is integrated with SAP GUI for Windows, uses obfuscation algorithms instead of secure symmetric ciphers for storing the credentials of an RFC user on the client PC....

SAP NetWeaver Enterprise Portal Federated Portal Network is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a...