Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
businessobjects crystal reports vulnerabilities and exploits
(subscribe to this query)
935
VMScore
CVE-2008-0379
Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via the SelectedSession method, which triggers a buffer...
Businessobjects Crystal Reports Xi R2
1 EDB exploit
765
VMScore
CVE-2006-6133
Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 (formerly Business Objects Crystal Reports XI Professional) allows user-assisted remote malicious users to execute arbitr...
Microsoft Visual Studio .net 2005
Businessobjects Crystal Reports Xi
Microsoft Visual Studio .net 2002
Microsoft Visual Studio .net 2003
1 EDB exploit
755
VMScore
CVE-2004-0204
Directory traversal vulnerability in the web viewers for Business Objects Crystal Reports 9 and 10, and Crystal Enterprise 9 or 10, as used in Visual Studio .NET 2003 and Outlook 2003 with Business Contact Manager, Microsoft Business Solutions CRM 1.2, and other products, allows ...
Bea Weblogic Server 8.1
Businessobjects Crystal Reports 10
Businessobjects Crystal Reports 9
Businessobjects Crystal Enterprise Java Sdk 8.5
Businessobjects Crystal Enterprise Ras 8.5
Borland Software J Builder
Microsoft Business Solutions Crm 1.2
Microsoft Outlook 2003
Businessobjects Crystal Enterprise 10
Businessobjects Crystal Enterprise 9
Microsoft Visual Studio .net 2003
1 EDB exploit
668
VMScore
CVE-2001-1464
Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote malicious users to obtain passwords.
Businessobjects Crystal Reports
578
VMScore
CVE-2020-6219
SAP Business Objects Business Intelligence Platform (CrystalReports WebForm Viewer), versions 4.1, 4.2, and Crystal Reports for VS version 2010, allows an attacker with basic authorization to perform deserialization attack in the application, leading to service interruptions and ...
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
Sap Crystal Reports For Visual Studio 2010
1 Article
578
VMScore
CVE-2018-2427
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an malicious user to inject code that can be executed by the application. An attacker could thereby control the behaviour of the ...
Sap Crystal Reports -
Sap Businessobjects Business Intelligence 4.20
Sap Businessobjects Business Intelligence 4.10
445
VMScore
CVE-2021-40500
SAP BusinessObjects Business Intelligence Platform (Crystal Reports) - versions 420, 430, allows an unauthenticated malicious user to exploit missing XML validations at endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploita...
Sap Businessobjects Business Intelligence Platform 4.20
Sap Businessobjects Business Intelligence Platform 4.30
445
VMScore
CVE-2005-4813
Unspecified vulnerability in Report Application Server (Crystalras.exe) prior to 11.0.0.1370, as used in Business Objects Crystal Reports XI, Crystal Reports Server XI, and BusinessObjects Enterprise XI, allows remote malicious users to cause a denial of service (application hang...
Businessobjects Crystal Enterprise Xi
Businessobjects Crystal Reports Server Xi
Businessobjects Crystal Reports Xi
Businessobjects Report Application Server 11.0.0.0
445
VMScore
CVE-2004-1981
The web interface for Crystal Reports allows remote malicious users to cause a denial of service (disk exhaustion) by repeatedly requesting reports without retrieving the associated image files, which are not cleared from the image file folder.
Businessobjects Crystal Reports 9
Businessobjects Crystal Enterprise 10
Businessobjects Crystal Enterprise 9
Businessobjects Crystal Reports 10
NA
CVE-2023-0018
Due to improper input sanitization of user-controlled input in SAP BusinessObjects Business Intelligence Platform CMC application - versions 420, and 430, an attacker with basic user-level privileges can modify/upload crystal reports containing a malicious payload. Once these rep...
Sap Businessobjects Business Intelligence Platform 420
Sap Businessobjects Business Intelligence Platform 430
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started