CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2020-6345 – SAP 3D Visual Enterprise Viewer TGA File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6345
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated TGA file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo TGA manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6344 – SAP 3D Visual Enterprise Viewer PDF File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6344
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo PDF manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-20: Improper Input Validation •
CVSS: 4.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6329 – SAP 3D Visual Enterprise Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6329
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo SKP manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-416: Use After Free •
CVSS: 6.1EPSS: 0%CPEs: 5EXPL: 0CVE-2020-6283
https://notcve.org/view.php?id=CVE-2020-6283
09 Sep 2020 — SAP Fiori Launchpad does not sufficiently encode user controlled inputs, and hence allowing the attacker to inject the meta tag into the launchpad html using the vulnerable parameter, resulting in reflected Cross-Site Scripting (XSS) vulnerability. With a successful attack, the attacker can steal authentication information of the user, such as data relating to his or her current session. SAP Fiori Launchpad no codifica suficientemente las entradas controladas por el usuario y, por lo tanto, permite al ataca... • https://launchpad.support.sap.com/#/notes/2865229 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.0EPSS: 1%CPEs: 1EXPL: 0CVE-2020-6330 – SAP 3D Visual Enterprise Viewer 3DM File Parsing rhino Plugin Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6330
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated 3DM file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo 3DM manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-125: Out-of-bounds Read •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6327 – SAP 3D Visual Enterprise Viewer 3DM File Parsing Integer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6327
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated 3DM file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo 3DM manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6331 – SAP 3D Visual Enterprise Viewer HPGL File Parsing hpgl Plugin Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6331
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo HPGL manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempo... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-787: Out-of-bounds Write •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6328 – SAP 3D Visual Enterprise Viewer CGM File Parsing Untrusted Pointer Dereference Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6328
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo CGM manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.4EPSS: 0%CPEs: 4EXPL: 0CVE-2020-6326
https://notcve.org/view.php?id=CVE-2020-6326
09 Sep 2020 — SAP NetWeaver (Knowledge Management), version-7.30,7.31,7.40,7.50, allows an authenticated attacker to create malicious links in the UI, when clicked by victim, will execute arbitrary java scripts thus extracting or modifying information otherwise restricted leading to Stored Cross Site Scripting. SAP NetWeaver (Knowledge Management), versión-7.30,7.31,7.40,7.50, permite a un atacante autenticado crear enlaces maliciosos en la Interfaz de Usuario, cuando la víctima haga clic en él, ejecutará scripts java ar... • https://launchpad.support.sap.com/#/notes/2953112 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6321 – SAP 3D Visual Enterprise Viewer U3D File Parsing 3difr Plugin Uninitialized Pointer Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6321
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated U3D file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo U3D manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-824: Access of Uninitialized Pointer •