Vulnerabilities > SAP > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-10-11 CVE-2022-39015 Unspecified vulnerability in SAP Business Objects Business Intelligence Platform 420/430
Under certain conditions, BOE AdminTools/ BOE SDK allows an attacker to access information which would otherwise be restricted.
network
low complexity
sap
6.5
2022-10-11 CVE-2022-39800 Unspecified vulnerability in SAP Businessobjects Business Intelligence 420/430
SAP BusinessObjects BI LaunchPad - versions 420, 430, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user inputs while interacting on the network.
network
low complexity
sap
6.1
2022-10-11 CVE-2022-39807 Unspecified vulnerability in SAP 3D Visual Enterprise Author 9.0
Due to lack of proper memory management, when a victim opens manipulated SolidWorks Drawing (.sldasm, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
5.5
2022-10-11 CVE-2022-41166 Unspecified vulnerability in SAP 3D Visual Enterprise Author 9.0
Due to lack of proper memory management, when a victim opens manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
5.5
2022-10-11 CVE-2022-41169 Unspecified vulnerability in SAP 3D Visual Enterprise Author 9.0
Due to lack of proper memory management, when a victim opens manipulated CATIA5 Part (.catpart, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
5.5
2022-10-11 CVE-2022-41171 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP 3D Visual Enterprise Author 9.0
Due to lack of proper memory management, when a victim opens manipulated CATIA4 Part (.model, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap CWE-119
5.5
2022-10-11 CVE-2022-41173 Unspecified vulnerability in SAP 3D Visual Enterprise Author 9.0
Due to lack of proper memory management, when a victim opens manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
5.5
2022-10-11 CVE-2022-41174 Unspecified vulnerability in SAP 3D Visual Enterprise Author 9.0
Due to lack of proper memory management, when a victim opens manipulated Right Hemisphere Material (.rhm, rh.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
5.5
2022-10-11 CVE-2022-41176 Unspecified vulnerability in SAP 3D Visual Enterprise Author 9.0
Due to lack of proper memory management, when a victim opens manipulated Enhanced Metafile (.emf, emf.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
5.5
2022-10-11 CVE-2022-41178 Unspecified vulnerability in SAP 3D Visual Enterprise Author 9.0
Due to lack of proper memory management, when a victim opens manipulated Iges Part and Assembly (.igs, .iges, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is possible for the application to crash and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
5.5