CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6332 – SAP 3D Visual Enterprise Viewer HPGL File Parsing hpgl Plugin Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6332
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo HPGL manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempo... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-20: Improper Input Validation •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6314 – SAP 3D Visual Enterprise Viewer HPGL File Parsing hpgl Plugin Untrusted Pointer Dereference Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6314
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo HPGL manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempo... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-20: Improper Input Validation •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6333 – SAP 3D Visual Enterprise Viewer HPGL File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6333
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated 3DM file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo 3DM manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6336 – SAP 3D Visual Enterprise Viewer PCX File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6336
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo PCX manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-787: Out-of-bounds Write •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2020-6312
https://notcve.org/view.php?id=CVE-2020-6312
09 Sep 2020 — SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), versions - 4.1, 4.2, allows an attacker with a non-administrative user account that can edit certain web page properties, can modify how a browser processes particular page elements, leading to stored Cross Site Scripting. In certain situations, when a user accesses an affected web page element, the attacker will be able to access or modify metadata for which they are not authorized. SAP BusinessObjects Business Intelligen... • https://launchpad.support.sap.com/#/notes/2930128 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0CVE-2020-6341 – SAP 3D Visual Enterprise Viewer EPS File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6341
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated EPS file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo EPS manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-125: Out-of-bounds Read •
CVSS: 4.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6334 – SAP 3D Visual Enterprise Viewer SKP File Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6334
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo SKP manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-20: Improper Input Validation CWE-416: Use After Free •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2020-6335 – SAP 3D Visual Enterprise Viewer HPGL File Parsing hpgl Plugin Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-6335
09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo HPGL manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempo... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-787: Out-of-bounds Write •
CVSS: 4.3EPSS: 0%CPEs: 22EXPL: 0CVE-2020-6310
https://notcve.org/view.php?id=CVE-2020-6310
12 Aug 2020 — Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP users, leading to Information Disclosure. Un control de acceso inapropiado en el componente SOA Configuration Trace en SAP NetWeaver (ABAP Server) y la plataforma ABAP, versiones - 702, 730, 731, 740, 750, permite a cualquier usuario autenticado enumerar todos los usuarios de SAP, conllevando a una Divulgación de... • https://launchpad.support.sap.com/#/notes/2944988 •
CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0CVE-2020-6309
https://notcve.org/view.php?id=CVE-2020-6309
12 Aug 2020 — SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service. SAP NetWeaver AS JAVA, versiones - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), no lleva a cabo ninguna comprobación de autenticación para un servicio web permitiendo al atacante enviar varias carga... • https://launchpad.support.sap.com/#/notes/2941315 • CWE-306: Missing Authentication for Critical Function •