cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-44112,https://securityvulnerability.io/vulnerability/CVE-2024-44112,Attackers Can Delete Non-Sensitive Entries in User Data Table Due to Lack of Authorization Check,"Due to missing authorization check in SAP for Oil & Gas (Transportation and Distribution), an attacker authenticated as a non-administrative user could call a remote-enabled function which will allow them to delete non-sensitive entries in a user data table. There is no effect on confidentiality or availability.",SAP,SAP For Oil & Gas,4.3,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2024-09-10T04:03:08.115Z,0
CVE-2023-36922,https://securityvulnerability.io/vulnerability/CVE-2023-36922,OS command injection vulnerability in SAP ECC and SAP S/4HANA (IS-OIL),A programming error within the IS-OIL component of SAP ECC and SAP S/4HANA enables an authenticated attacker to inject arbitrary operating system commands into an unprotected parameter in a commonly used extension. This flaw permits the attacker to not only read and alter system data but also possibly disrupt the functioning of the system by shutting it down.,SAP,SAP ECC and SAP S/4HANA (IS-OIL),8.8,HIGH,0.0010999999940395355,false,false,false,false,,false,false,2023-07-11T03:15:00.000Z,0