CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-31598
https://notcve.org/view.php?id=CVE-2022-31598
12 Jul 2022 — Due to insufficient input validation, SAP Business Objects - version 420, allows an authenticated attacker to submit a malicious request through an allowed operation. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application. Debido a una insuficiente comprobación de entrada, SAP Business Objects - versión 420, permite que un atacante autenticado envíe una petición maliciosa mediante una operación permitida. En caso de... • https://launchpad.support.sap.com/#/notes/3213279 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 4.9EPSS: 0%CPEs: 2EXPL: 0CVE-2022-32246
https://notcve.org/view.php?id=CVE-2022-32246
12 Jul 2022 — SAP Busines Objects Business Intelligence Platform (Visual Difference Application) - versions 420, 430, allows an authenticated attacker who has access to BI admin console to send crafted queries and extract data from the SQL backend. On successful exploitation, the attacker can cause limited impact on confidentiality and integrity of the application SAP Busines Objects Business Intelligence Platform (Visual Difference Application) - versiones 420, 430, permite a un atacante autenticado que tenga acceso a l... • https://launchpad.support.sap.com/#/notes/3203079 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32243
https://notcve.org/view.php?id=CVE-2022-32243
14 Jun 2022 — When a user opens manipulated Scalable Vector Graphics (.svg, svg.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. Cuando un usuario abre archivos manipulados de Scalable Vector Graphics (.svg, svg.x3d) recibidos de fuentes no confiables en SAP 3D Visual Enterprise Viewer, la aplicación es bloqueada y deja de estar disponible temporalmente para el usuario hasta que sea rein... • https://launchpad.support.sap.com/#/notes/3206271 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32242 – SAP 3D Visual Enterprise Viewer HDR File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-32242
14 Jun 2022 — When a user opens manipulated Radiance Picture (.hdr, hdr.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. Cuando un usuario abre archivos manipulados Radiance Picture (.hdr, hdr.x3d) recibidos de fuentes no confiables en SAP 3D Visual Enterprise Viewer, la aplicación es bloqueada y deja de estar disponible temporalmente para el usuario hasta que sea reiniciada la aplicació... • https://launchpad.support.sap.com/#/notes/3206271 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32241
https://notcve.org/view.php?id=CVE-2022-32241
14 Jun 2022 — When a user opens manipulated Portable Document Format (.pdf, PDFView.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. Cuando un usuario abre archivos manipulados en formato de documento portátil (.pdf, PDFView.x3d) recibidos de fuentes no confiables en SAP 3D Visual Enterprise Viewer, la aplicación es bloqueada y deja de estar disponible temporalmente para el usuario hasta... • https://launchpad.support.sap.com/#/notes/3206271 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32240 – SAP 3D Visual Enterprise Viewer JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-32240
14 Jun 2022 — When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. Cuando un usuario abre archivos manipulados de Jupiter Tesselation (.jt, JTReader.x3d) recibidos de fuentes no confiables en SAP 3D Visual Enterprise Viewer, la aplicación es bloqueada y deja de estar disponible temporalmente para el usuario hasta que sea reinic... • https://launchpad.support.sap.com/#/notes/3206271 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32239
https://notcve.org/view.php?id=CVE-2022-32239
14 Jun 2022 — When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. Cuando un usuario abre archivos JPEG 2000 (.jp2, jp2k.x3d) manipulados recibidos de fuentes no confiables en SAP 3D Visual Enterprise Viewer, la aplicación es bloqueada y deja de estar disponible temporalmente para el usuario hasta que sea reiniciada la aplicación • https://launchpad.support.sap.com/#/notes/3206271 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32238 – SAP 3D Visual Enterprise Viewer EPS File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-32238
14 Jun 2022 — When a user opens manipulated Encapsulated Post Script (.eps, ai.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. Cuando un usuario abre archivos encapsulados Post Script (.eps, ai.x3d) recibidos de fuentes no confiables en SAP 3D Visual Enterprise Viewer, la aplicación es bloqueada y deja de estar disponible temporalmente para el usuario hasta que sea reiniciada la aplicac... • https://launchpad.support.sap.com/#/notes/3206271 • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32237
https://notcve.org/view.php?id=CVE-2022-32237
14 Jun 2022 — When a user opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. Cuando un usuario abre archivos manipulados Computer Graphics Metafile (.cgm, CgmCore.dll) recibidos de fuentes no confiables en SAP 3D Visual Enterprise Viewer, la aplicación es bloqueada y deja de estar disponible temporalmente para el usuario hasta que... • https://launchpad.support.sap.com/#/notes/3206271 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2022-32236 – SAP 3D Visual Enterprise Viewer BPM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-32236
14 Jun 2022 — When a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. Cuando un usuario abre archivos manipulados de mapa de bits de Windows (.bmp, 2d.x3d) recibidos de fuentes no confiables en SAP 3D Visual Enterprise Viewer, la aplicación es bloqueada y deja de estar disponible temporalmente para el usuario hasta que sea reiniciada la apl... • https://launchpad.support.sap.com/#/notes/3206271 • CWE-20: Improper Input Validation •