Show filters
24 Total Results
Displaying 1-10 of 24
Sort by:
Attacker Value
Low

CVE-2019-11358

Disclosure Date: April 20, 2019 (last updated February 17, 2024)
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other products, mishandles jQuery.extend(true, {}, ...) because of Object.prototype pollution. If an unsanitized source object contained an enumerable __proto__ property, it could extend the native Object.prototype.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
6
1
Attacker Value
Unknown

CVE-2025-0064

Disclosure Date: February 11, 2025 (last updated February 12, 2025)
Under specific conditions, the Central Management Console of the SAP BusinessObjects Business Intelligence platform allows an attacker with admin rights to generate or retrieve a secret passphrase, enabling them to impersonate any user in the system. This results in a high impact on confidentiality and integrity, with no impact on availability.
0
0
Attacker Value
Unknown

CVE-2024-43460

Disclosure Date: September 17, 2024 (last updated September 26, 2024)
Improper authorization in Dynamics 365 Business Central resulted in a vulnerability that allows an authenticated attacker to elevate privileges over a network.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-38225

Disclosure Date: September 10, 2024 (last updated September 18, 2024)
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-35249

Disclosure Date: June 11, 2024 (last updated January 12, 2025)
Microsoft Dynamics 365 Business Central Remote Code Execution Vulnerability
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-35248

Disclosure Date: June 11, 2024 (last updated January 12, 2025)
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2024-21380

Disclosure Date: February 13, 2024 (last updated January 12, 2025)
Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2023-38167

Disclosure Date: August 08, 2023 (last updated January 11, 2025)
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-41127

Disclosure Date: December 13, 2022 (last updated January 11, 2025)
Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central (On Premises) Remote Code Execution Vulnerability
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2022-41066

Disclosure Date: November 09, 2022 (last updated January 11, 2025)
Microsoft Business Central Information Disclosure Vulnerability
Attack Vector: NetworkPrivileges: HighUser Interaction: None
0
0
View More Topics  Next >