Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver 7.0 vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2012-4341
Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote malicious users to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a pac...
Sap Netweaver Abap 7.0
Sap Netweaver Abap 7.02
Sap Netweaver Abap 7.03
9.3
CVSSv2
CVE-2012-2611
The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace configuration is enabled, allows remote malicious users to execute arbitrary code via a...
Sap Netweaver 7.0
3 EDB exploits
1 Github repository
9
CVSSv2
CVE-2021-38163
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with ...
Sap Netweaver 7.30
Sap Netweaver 7.31
Sap Netweaver 7.40
Sap Netweaver 7.50
1 Github repository
1 Article
9
CVSSv2
CVE-2019-0328
ABAP Tests Modules (SAP Basis, versions 7.0, 7.1, 7.3, 7.31, 7.4, 7.5) of SAP NetWeaver Process Integration enables an attacker the execution of OS commands with privileged rights. An attacker could thereby impact the integrity and availability of the system.
Sap Netweaver Process Integration 7.0
Sap Netweaver Process Integration 7.1
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.5
Sap Netweaver Process Integration 7.3
Sap Netweaver Process Integration 7.4
7.8
CVSSv2
CVE-2007-3615
Internet Communication Manager (aka ICMAN.exe or ICM) in SAP NetWeaver Application Server 6.x and 7.x, possibly only on Windows, allows remote malicious users to cause a denial of service (process crash) via a URI of a certain length that contains a sap-isc-key parameter, related...
Sap Internet Communication Manager
Sap Sap Web Application Server 6.10
Sap Sap Web Application Server 6.20
Sap Sap Web Application Server 6.40
Sap Sap Web Application Server 7.0
Sap Sap Web Application Server 7.0.10
7.6
CVSSv2
CVE-2011-1516
The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox profiles in Apple Mac OS X 10.5.x up to and including 10.7.x do not propagate restrictions to all created processes, which allows remote malicious users to access network resources via a crafted application, as demonstrat...
Apple Mac Os X 10.5.1
Apple Mac Os X 10.5.2
Apple Mac Os X 10.6.0
Apple Mac Os X 10.6.1
Apple Mac Os X 10.6.8
Apple Mac Os X 10.7.0
Apple Mac Os X 10.5.0
Apple Mac Os X 10.5.7
Apple Mac Os X 10.5.8
Apple Mac Os X 10.6.6
Apple Mac Os X 10.6.7
Apple Mac Os X 10.5.3
Apple Mac Os X 10.5.4
Apple Mac Os X 10.6.2
Apple Mac Os X 10.6.3
Apple Mac Os X 10.7.1
Apple Mac Os X 10.7.2
Apple Mac Os X 10.5.5
Apple Mac Os X 10.5.6
Apple Mac Os X 10.6.4
Apple Mac Os X 10.6.5
1 EDB exploit
7.5
CVSSv2
CVE-2011-1517
SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash.
Sap Netweaver 7.0
7.5
CVSSv2
CVE-2016-10311
Stack-based buffer overflow in SAP NetWeaver 7.0 up to and including 7.5 allows remote malicious users to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238.
Sap Netweaver 7.0
Sap Netweaver 7.3
Sap Netweaver 7.4
Sap Netweaver 7.5
6.5
CVSSv2
CVE-2019-0355
SAP NetWeaver Application Server Java Web Container, ENGINEAPI (prior to 7.10, 7.20, 7.30, 7.31, 7.40, 7.50) and SAP-JEECOR (prior to 6.40, 7.0, 7.01), allows an malicious user to inject code that can be executed by the application. An attacker could thereby control the behaviour...
Sap Netweaver Application Server Java 7.30
Sap Netweaver Application Server Java 7.31
Sap Netweaver Application Server Java 7.40
Sap Netweaver Application Server Java 7.50
Sap Netweaver Application Server Java 7.10
Sap Netweaver Application Server Java 7.20
6.5
CVSSv2
CVE-2019-0257
Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.53, from 7.74 to 7.75) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privil...
Sap Netweaver As Abap
Sap Netweaver Application Server Abap 7.31
Sap Netweaver Application Server Abap
Sap Netweaver Application Server Abap 7.30
Sap Netweaver Application Server Abap 7.40
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »