Page 79 of 1555 results (0.010 seconds)

CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0

09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo HPGL manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempo... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-20: Improper Input Validation •

CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0

09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo HPGL manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempo... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-20: Improper Input Validation •

CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0

09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated 3DM file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo 3DM manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo PCX manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-787: Out-of-bounds Write •

CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0

09 Sep 2020 — SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), versions - 4.1, 4.2, allows an attacker with a non-administrative user account that can edit certain web page properties, can modify how a browser processes particular page elements, leading to stored Cross Site Scripting. In certain situations, when a user accesses an affected web page element, the attacker will be able to access or modify metadata for which they are not authorized. SAP BusinessObjects Business Intelligen... • https://launchpad.support.sap.com/#/notes/2930128 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 1%CPEs: 1EXPL: 0

09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated EPS file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo EPS manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-125: Out-of-bounds Read •

CVSS: 4.5EPSS: 0%CPEs: 1EXPL: 0

09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo SKP manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempora... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-20: Improper Input Validation CWE-416: Use After Free •

CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0

09 Sep 2020 — SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. SAP 3D Visual Enterprise Viewer, versión - 9, permite a un usuario abrir un archivo HPGL manipulado recibido desde fuentes no confiables, lo que resulta en un bloqueo de la aplicación y trae una no disponibilidad tempo... • https://launchpad.support.sap.com/#/notes/2960815 • CWE-787: Out-of-bounds Write •

CVSS: 4.3EPSS: 0%CPEs: 22EXPL: 0

12 Aug 2020 — Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP users, leading to Information Disclosure. Un control de acceso inapropiado en el componente SOA Configuration Trace en SAP NetWeaver (ABAP Server) y la plataforma ABAP, versiones - 702, 730, 731, 740, 750, permite a cualquier usuario autenticado enumerar todos los usuarios de SAP, conllevando a una Divulgación de... • https://launchpad.support.sap.com/#/notes/2944988 •

CVSS: 7.8EPSS: 0%CPEs: 7EXPL: 0

12 Aug 2020 — SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service. SAP NetWeaver AS JAVA, versiones - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), no lleva a cabo ninguna comprobación de autenticación para un servicio web permitiendo al atacante enviar varias carga... • https://launchpad.support.sap.com/#/notes/2941315 • CWE-306: Missing Authentication for Critical Function •