Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap enable now 1.0 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv3
CVE-2021-27637
Under certain conditions SAP Enable Now (SAP Workforce Performance Builder - Manager), versions - 1.0, 10 allows an malicious user to access information which would otherwise be restricted leading to information disclosure.
Sap Enable Now 1.0
Sap Enable Now 10.0
6.1
CVSSv3
CVE-2023-36920
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-FRAME-OPTIONS response header is not implemented, allowing an unauthenticated malicious user to attempt clickjacking, which could result in disclosure or modif...
Sap Enable Now Enable Now Consump Del 1704
Sap Enable Now Wpb Manager Hana 10
Sap Enable Now Wpb Manager Ce 10
Sap Enable Now Wpb Manager 1.0
9.1
CVSSv3
CVE-2022-35293
Due to insecure session management, SAP Enable Now allows an unauthenticated malicious user to gain access to user's account. On successful exploitation, an attacker can view or modify user data causing limited impact on confidentiality and integrity of the application.
Sap Enable Now Manager 1.0
5.3
CVSSv3
CVE-2023-36919
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Referrer-Policy response header is not implemented, allowing an unauthenticated malicious user to obtain referrer details, resulting in information disclosure.
Sap Enable Now -
6.1
CVSSv3
CVE-2023-33988
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the Content-Security-Policy and X-XSS-Protection response headers are not implemented, allowing an unauthenticated malicious user to attempt reflected cross-site scr...
Sap Enable Now -
6.1
CVSSv3
CVE-2023-36918
In SAP Enable Now - versions WPB_MANAGER 1.0, WPB_MANAGER_CE 10, WPB_MANAGER_HANA 10, ENABLE_NOW_CONSUMP_DEL 1704, the X-Content-Type-Options response header is not implemented, allowing an unauthenticated malicious user to trigger MIME type sniffing, which leads to Cross-Site Sc...
Sap Enable Now -
7.8
CVSSv3
CVE-2022-0330
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.
Linux Linux Kernel
Linux Linux Kernel 5.17
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux For Scientific Computing 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux For Power Little Endian 7.0
Redhat Enterprise Linux For Real Time 7
Redhat Enterprise Linux For Real Time For Nfv 7
Redhat Enterprise Linux For Power Big Endian 7.0
Redhat Enterprise Linux Server Aus 7.3
Redhat Enterprise Linux Server Aus 7.4
Redhat Enterprise Linux Server Aus 7.6
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux For Real Time 8
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started