SAP Vulnerabilities

Comprehensive security vulnerability database for SAP products

Last updated: Oct 11, 2022
Total CVEs: 13
Critical: 3
With Exploits: 9
Last 30 Days: 0

Severity Distribution

Critical: 3 (23%)
High: 13 (100%)
Medium: 2 (15%)
Low: 0 (0%)

Description | Vendor / Product | Exploit Status

CVE-2022-41167 (CVSS 7.8)

This vulnerability allows an attacker to run malicious code on a victim's computer when they open a specially crafted AutoCAD file in SAP 3D Visual Enterprise Author. The attacker needs the victim to open this manipulated file, which can come from untrusted sources, to exploit the flaw.

sap / 3d visual enterprise author
Theoretical
over 3 years ago (Oct 11, 2022)

CVE-2022-39808 (CVSS 7.8)

This vulnerability allows an attacker to execute malicious code on a victim's system by tricking them into opening a specially crafted 3D object file in SAP 3D Visual Enterprise Author. It requires the victim to open a file from an untrusted source, which can lead to serious security breaches.

sap / 3d visual enterprise author
Theoretical
over 3 years ago (Oct 11, 2022)

CVE-2022-39806 (CVSS 7.8)

This vulnerability allows an attacker to run malicious code on a victim's computer if they open a specially crafted SolidWorks Drawing file in SAP 3D Visual Enterprise Author version 9. The attacker needs the victim to open this manipulated file, which could come from untrusted sources, to exploit the flaw.

sap / 3d visual enterprise author
Theoretical
over 3 years ago (Oct 11, 2022)

CVE-2022-39805 (CVSS 7.8)

This vulnerability allows an attacker to run malicious code on a victim's computer by tricking them into opening a specially crafted graphics file in SAP 3D Visual Enterprise Author. It requires the victim to open a file from an untrusted source, which can lead to serious security breaches.

sap / 3d visual enterprise author
Theoretical
over 3 years ago (Oct 11, 2022)

CVE-2022-39804 (CVSS 7.8)

An attacker can execute malicious code on a victim's system by tricking them into opening a specially crafted SolidWorks Part file in SAP 3D Visual Enterprise Author. This vulnerability requires the victim to open a file from an untrusted source, which can lead to serious security breaches.

sap / 3d visual enterprise author
Exploit Available
over 3 years ago (Oct 11, 2022)

CVE-2022-39803 (CVSS 7.8)

This vulnerability allows an attacker to run malicious code on a victim's computer if they open a specially crafted 3D file from an untrusted source in SAP 3D Visual Enterprise Author. It requires the victim to open the manipulated file, which can exploit memory management flaws in the software.

sap / 3d visual enterprise author
Theoretical
over 3 years ago (Oct 11, 2022)

CVE-2022-35290 (CVSS 7.5)

This vulnerability allows an attacker to access restricted information in the SAP Authenticator app for Android. It occurs under specific conditions, meaning that certain circumstances must be met for the attack to succeed.

sap / authenticator
Theoretical
over 3 years ago (Aug 10, 2022)

CVE-2022-28771 (CVSS 7.5)

This vulnerability allows an attacker to send harmful requests to the SAP Business One License service without needing to log in, potentially crashing the entire application and making it unavailable to users. The attacker only needs network access to exploit this flaw, which means they don't need any special permissions or credentials.

sap / business one license service api
Exploit Available
over 3 years ago (Jul 12, 2022)

CVE-2022-31595 (CVSS 8.8)

This vulnerability allows an attacker with an authenticated account to gain higher privileges than intended, potentially letting them access sensitive data or perform unauthorized actions within the SAP Financial Consolidation system. It occurs because the software fails to properly check if the user has permission for certain actions, meaning that simply being logged in is enough for exploitation.

sap / adaptive server enterprise
Theoretical
almost 4 years ago (Jun 14, 2022)

CVE-2022-28773 (CVSS 7.5)

This vulnerability allows an attacker to cause the SAP Web Dispatcher and Internet Communication Manager to crash, resulting in a denial of service that temporarily disrupts access to the application. The attacker needs to send specially crafted requests that trigger uncontrolled recursion, but the system can automatically restart afterward.

sap / netweaver
Theoretical
almost 4 years ago (Apr 12, 2022)

CVE-2022-22531 (CVSS 8.1)

An attacker with basic user rights can upload or download files in the SAP S/4HANA application, allowing them to run malicious scripts that could expose or alter sensitive information. This vulnerability arises because the application fails to properly check the files being handled.

sap / s/4hana
Exploit Available
about 4 years ago (Jan 14, 2022)

CVE-2022-22530 (CVSS 8.1)

This vulnerability allows an attacker with basic user rights to upload harmful files or code into the SAP S/4HANA application, potentially leading to unauthorized changes to critical information or making the application unavailable. The issue arises because the application does not properly check the files being uploaded or downloaded, making it easy for attackers to exploit.

sap / s/4hana
Exploit Available
about 4 years ago (Jan 14, 2022)

CVE-2021-38163 (CVSS 8.8)

This vulnerability allows an attacker, who is already logged in as a regular user, to upload a harmful file that can execute commands on the server with high-level privileges. This means they could access, change, or delete sensitive information, or even take the server offline, making it unusable.

sap / netweaver
Exploit Available
over 4 years ago (Sep 14, 2021)

About SAP Security

This page tracks all publicly disclosed security vulnerabilities (CVEs) affecting SAP products. Our database is updated in real time from the National Vulnerability Database (NVD) and enriched with exploit information from GitHub and other security research sources.

Each CVE listing includes CVSS severity scores, exploit availability status, AI-powered vulnerability summaries, and links to official patches and security advisories.