Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
business one vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-41127
Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability
Microsoft Dynamics Nav 2017
Microsoft Dynamics Nav 2016
Microsoft Dynamics 365 Business Central 2019
Microsoft Dynamics Nav 2018
Microsoft Dynamics 365 Business Central 2020
Microsoft Dynamics 365 Business Central 2021
Microsoft Dynamics 365 Business Central 2022
1 Article
NA
CVE-2022-35292
In SAP Business One application when a service is created, the executable path contains spaces and isn’t enclosed within quotes, leading to a vulnerability known as Unquoted Service Path which allows a user to gain SYSTEM privileges. If the service is exploited by adversari...
Sap Business One 10.0
NA
CVE-2022-36336
A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local malicious user to escalate privileges on affected installations. The resolution for this issue has been deployed automatically via ActiveUpd...
Trendmicro Apex One 2019
Trendmicro Worry-free Business Security 10.0
Trendmicro Worry-free Business Security Services -
Trendmicro Apex One -
6.5
CVSSv2
CVE-2022-31593
SAP Business One client - version 10.0 allows an attacker with low privileges, to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.
Sap Business One 10.0
5
CVSSv2
CVE-2022-32249
Under special integration scenario of SAP Business one and SAP HANA - version 10.0, an attacker can exploit HANA cockpit?s data volume to gain access to highly sensitive information (e.g., high privileged account credentials)
Sap Business One 10.0
5
CVSSv2
CVE-2022-35168
Due to improper input sanitization of XML input in SAP Business One - version 10.0, an attacker can perform a denial-of-service attack rendering the system temporarily inoperative.
Sap Business One 10.0
5
CVSSv2
CVE-2022-28771
Due to missing authentication check, SAP Business one License service API - version 10.0 allows an unauthenticated malicious user to send malicious http requests over the network. On successful exploitation, an attacker can break the whole application making it inaccessible.
Sap Business One License Service Api 10.0
6.5
CVSSv2
CVE-2022-24854
Metabase is an open source business intelligence and analytics application. SQLite has an FDW-like feature called `ATTACH DATABASE`, which allows connecting multiple SQLite databases via the initial connection. If the attacker has SQL permissions to at least one SQLite database, ...
Metabase Metabase
7.2
CVSSv2
CVE-2022-24679
A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local malicious user to crea...
Trendmicro Apex One -
Trendmicro Apex One 2019
Trendmicro Worry-free Business Security 10.0
Trendmicro Worry-free Business Security Services -
7.2
CVSSv2
CVE-2022-24680
A security link following local privilege escalation vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service, Trend Micro Worry-Free Business Security 10.0 SP1 and Trend Micro Worry-Free Business Security Services agents could allow a local malicious user to crea...
Trendmicro Apex One -
Trendmicro Apex One 2019
Trendmicro Worry-free Business Security 10.0
Trendmicro Worry-free Business Security Services -
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »