Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap business one 10.0 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-33685
SAP Business One version - 10.0 allows low-level authorized malicious user to traverse the file system to access files or directories that are outside of the restricted directory. A successful attack allows access to high level sensitive data
Sap Business One 10.0
7.8
CVSSv3
CVE-2021-33700
SAP Business One, version - 10.0, allows a local attacker with access to the victim's browser under certain circumstances, to login as the victim without knowing his/her password. The attacker could so obtain highly sensitive information which the attacker could use to take ...
Sap Business One 10.0
8.8
CVSSv3
CVE-2021-33704
The Service Layer of SAP Business One, version - 10.0, allows an authenticated malicious user to invoke certain functions that would otherwise be restricted to specific users. For an malicious user to discover the vulnerable function, no in-depth system knowledge is required. Onc...
Sap Business One 10.0
7.5
CVSSv3
CVE-2022-28771
Due to missing authentication check, SAP Business one License service API - version 10.0 allows an unauthenticated malicious user to send malicious http requests over the network. On successful exploitation, an attacker can break the whole application making it inaccessible.
Sap Business One License Service Api 10.0
7.8
CVSSv3
CVE-2021-27613
Under certain conditions, SAP Business One Chef cookbook, version - 9.2, 9.3, 10.0, used to install SAP Business One, allows an malicious user to exploit an insecure temporary folder for incoming & outgoing payroll data and to access information which would otherwise be restr...
Sap Chef Business-one-cookbook 0.1.9
7.1
CVSSv3
CVE-2021-27614
SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One on SAP HANA, allows an malicious user to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application thereb...
5.9
CVSSv3
CVE-2020-1971
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This functi...
Openssl Openssl
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 32
Fedoraproject Fedora 33
Oracle Api Gateway 11.1.2.4.0
Oracle Peoplesoft Enterprise Peopletools 8.56
Oracle Business Intelligence 12.2.1.3.0
Oracle Peoplesoft Enterprise Peopletools 8.57
Oracle Jd Edwards World Security A9.4
Oracle Business Intelligence 12.2.1.4.0
Oracle Enterprise Manager Base Platform 13.3.0.0
Oracle Business Intelligence 5.5.0.0.0
Oracle Peoplesoft Enterprise Peopletools 8.58
Oracle Enterprise Manager Base Platform 13.4.0.0
Oracle Http Server 12.2.1.4.0
Oracle Enterprise Manager For Storage Management 13.4.0.0
Oracle Enterprise Manager Ops Center 12.4.0.0
Oracle Mysql
Oracle Graalvm 19.3.4
Oracle Graalvm 20.3.0
Oracle Essbase 21.2
5 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3