Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
businessobjects edge vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2015-7730
SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote malicious users to cause a denial of service (out-of-bounds read and listener crash) via a crafted GIOP packet, aka SAP Security Note 2001108.
Sap Businessobjects 4.1
Sap Businessobjects Xi 3.1
Sap Businessobjects Xi R3
Sap Businessobjects Edge 4.0
5
CVSSv2
CVE-2015-2075
SAP BusinessObjects Edge 4.0 allows remote malicious users to delete audit events from the auditee queue via a clearData CORBA operation, aka SAP Note 2011396.
Sap Businessobjects Edge 4.0
9.3
CVSSv2
CVE-2014-9320
SAP BusinessObjects Edge 4.1 allows remote malicious users to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and consequently gain SYSTEM privileges via vectors involving CORBA calls, aka SAP Note 2039905.
Sap Businessobjects Edge 4.1
5
CVSSv2
CVE-2015-2073
The File RepositoRy Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote malicious users to read arbitrary files via a full pathname, aka SAP Note 2018682.
Sap Businessobjects Edge 4.0
5
CVSSv2
CVE-2015-2074
The File Repository Server (FRS) CORBA listener in SAP BussinessObjects Edge 4.0 allows remote malicious users to write to arbitrary files via a full pathname, aka SAP Note 2018681.
Sap Businessobjects Edge 4.0
5
CVSSv2
CVE-2015-2076
The Auditing service in SAP BusinessObjects Edge 4.0 allows remote malicious users to obtain sensitive information by reading an audit event, aka SAP Note 2011395.
Sap Businessobjects Edge 4.0
3.5
CVSSv2
CVE-2014-8311
SAP BusinessObjects Edge 4.0 allows remote malicious users to obtain sensitive information via an InfoStore query to a CORBA listener.
Sap Businessobjects 4.0
10
CVSSv2
CVE-2014-9387
SAP BusinessObjects Edge 4.1 allows remote malicious users to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and gain privileges via a crafted CORBA call, aka SAP Note 2039905.
Sap Businessobjects 4.1
7.1
CVSSv2
CVE-2014-8310
The CMS CORBA listener in SAP BusinessObjects BI Edge 4.0 allows remote malicious users to cause a denial of service (server shutdown) via crafted OSCAFactory::Session ORB message.
Sap Businessobjects 4.0
4.3
CVSSv2
CVE-2014-8308
Cross-site scripting (XSS) vulnerability in the Send to Inbox functionality in SAP BusinessObjects BI EDGE 4.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sap Businessobjects 4.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
hardcoded
arbitrary code
CVE-2024-2404
CVE-2024-21111
CVE-2024-28627
CVE-2024-4073
information disclosure
CVE-2024-32780
CVE-2024-4040
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started