CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-6311
https://notcve.org/view.php?id=CVE-2020-6311
09 Sep 2020 — Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial products subledger, version � 100, does not correctly perform necessary authorization checks for an authenticated user due to Improper Authorization checks, that may cause a system administrator to create incorrect authorization proposals. This may result in privilege escalation and may expose restricted banking data. Los Servicios Banking de SAP (Bank Analyzer), versión - 500, y SAP S/4HANA para el libro mayor de pr... • https://launchpad.support.sap.com/#/notes/2951325 • CWE-285: Improper Authorization CWE-863: Incorrect Authorization •
CVSS: 6.1EPSS: 0%CPEs: 12EXPL: 0CVE-2020-6324
https://notcve.org/view.php?id=CVE-2020-6324
09 Sep 2020 — SAP Netweaver AS ABAP(BSP Test Application sbspext_table), version-700,701,720,730,731,740,750,751,752,753,754,755, allows an unauthenticated attacker to send polluted URL to the victim, when the victim clicks on this URL, the attacker can read, modify the information available in the victim�s browser leading to Reflected Cross Site Scripting. SAP Netweaver AS ABAP(BSP Test Application sbspext_table), versión-700,701,720,730,731,740,750,751,752,753,754,755, permite a un atacante no autenticado enviar una UR... • https://launchpad.support.sap.com/#/notes/2948239 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6359 – SAP 3D Visual Enterprise Viewer PLT File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6359
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PLT file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo PLT manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6358 – SAP 3D Visual Enterprise Viewer FBX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6358
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FBX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo FBX manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6360 – SAP 3D Visual Enterprise Viewer DIB File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6360
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo DIB manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6355 – SAP 3D Visual Enterprise Viewer TGA File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6355
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated TGA file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo TGA manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6361 – SAP 3D Visual Enterprise Viewer RLE File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6361
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated RLE files received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir archivos RLE manipulados recibidos desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempor... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6357 – SAP 3D Visual Enterprise Viewer U3D File Parsing Memory Corruption Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6357
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated U3D file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo U3D manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6353 – SAP 3D Visual Enterprise Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6353
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo SKP manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6356 – SAP 3D Visual Enterprise Viewer BMP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6356
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo BMP manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-787: Out-of-bounds Write •