CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2021-21447
https://notcve.org/view.php?id=CVE-2021-21447
12 Jan 2021 — SAP BusinessObjects Business Intelligence platform, versions 410, 420, allows an authenticated attacker to inject malicious JavaScript payload into the custom value input field of an Input Control, which can be executed by User who views the relevant application content, which leads to Stored Cross-Site Scripting. La plataforma SAP BusinessObjects Business Intelligence, versiones 410, 420, permite a un atacante autenticado inyectar una carga útil de JavaScript maliciosa en el campo de entrada de valor perso... • https://launchpad.support.sap.com/#/notes/2965154 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21448
https://notcve.org/view.php?id=CVE-2021-21448
12 Jan 2021 — SAP GUI for Windows, version - 7.60, allows an attacker to spoof logon credentials for Application Server ABAP backend systems in the client PCs memory. Under certain conditions the attacker can access information which would otherwise be restricted. The exploit can only be executed locally on the client PC and not via Network and the attacker needs at least user authorization of the Operating System user of the victim. SAP GUI para Windows, versión - 7.60, permite a un atacante falsificar las credenciales ... • https://launchpad.support.sap.com/#/notes/2992269 •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 0CVE-2021-21446
https://notcve.org/view.php?id=CVE-2021-21446
12 Jan 2021 — SAP NetWeaver AS ABAP, versions 740, 750, 751, 752, 753, 754, 755, allows an unauthenticated attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service, this has a high impact on the availability of the service. SAP NetWeaver AS ABAP, versiones 740, 750, 751, 752, 753, 754, 755, permite a un atacante no autenticado impedir que usuarios legítimos accedan a un servicio, ya sea bloqueando o inundando el servicio, esto presenta un alto impacto en la disponibilidad ... • https://launchpad.support.sap.com/#/notes/3000306 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21464
https://notcve.org/view.php?id=CVE-2021-21464
12 Jan 2021 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo PCX manipulado recibido de fuentes no confiables, lo cual resulta en un bloqueo de la aplicación y que no esté disponible temporalmente... • https://launchpad.support.sap.com/#/notes/3002617 • CWE-20: Improper Input Validation •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21471
https://notcve.org/view.php?id=CVE-2021-21471
12 Jan 2021 — In CLA-Assistant, versions before 2.8.5, due to improper access control an authenticated user could access API endpoints which are not intended to be used by the user. This could impact the integrity of the application. En CLA-Assistant, versiones anteriores a 2.8.5, debido a un control de acceso inapropiado, un usuario autenticado podría acceder a endpoints de la API que no están destinados a ser usados por el usuario. Esto podría afectar la integridad de la aplicación • https://github.com/cla-assistant/cla-assistant/security/advisories/GHSA-4h6f-c68c-pxhr •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21459 – SAP 3D Visual Enterprise Viewer IFF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-21459
12 Jan 2021 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo IFF manipulado recibido de fuentes no confiables, lo cual resulta en un bloqueo de la aplicación y que no esté disponible temporalmente... • https://launchpad.support.sap.com/#/notes/3002617 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21461 – SAP 3D Visual Enterprise Viewer BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-21461
12 Jan 2021 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo BMP manipulado recibido de fuentes no confiables, lo cual resulta en un bloqueo de la aplicación y que no esté disponible temporalmente... • https://launchpad.support.sap.com/#/notes/3002617 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21462 – SAP 3D Visual Enterprise Viewer PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-21462
12 Jan 2021 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo PCX manipulado recibido de fuentes no confiables, lo cual resulta en un bloqueo de la aplicación y que no esté disponible temporalmente... • https://launchpad.support.sap.com/#/notes/3002617 • CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21457 – SAP 3D Visual Enterprise Viewer IFF File Parsing Memory Corruption Remote Code Execution Vulnerabililty
https://notcve.org/view.php?id=CVE-2021-21457
12 Jan 2021 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo IFF manipulado recibido de fuentes no confiables, lo cual resulta en un bloqueo de la aplicación y que no esté disponible temporalmente... • https://launchpad.support.sap.com/#/notes/3002617 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-21449 – SAP 3D Visual Enterprise Viewer IFF File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-21449
12 Jan 2021 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated IFF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo IFF manipulado recibido de fuentes no confiables, lo cual resulta en un bloqueo de la aplicación y que no esté disponible temporalmente... • https://launchpad.support.sap.com/#/notes/3002617 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •