Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap basis vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2019-0328
ABAP Tests Modules (SAP Basis, versions 7.0, 7.1, 7.3, 7.31, 7.4, 7.5) of SAP NetWeaver Process Integration enables an attacker the execution of OS commands with privileged rights. An attacker could thereby impact the integrity and availability of the system.
Sap Netweaver Process Integration 7.0
Sap Netweaver Process Integration 7.1
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.5
Sap Netweaver Process Integration 7.3
Sap Netweaver Process Integration 7.4
668
VMScore
CVE-2014-8663
SQL injection vulnerability in Data Basis (BW-WHM-DBA) in SAP NetWeaver Business Warehouse allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Sap Netweaver Business Warehouse -
578
VMScore
CVE-2019-0279
ABAP BASIS function modules INST_CREATE_R3_RFC_DEST, INST_CREATE_TCPIP_RFCDEST, and INST_CREATE_TCPIP_RFC_DEST in SAP BASIS (fixed in versions 7.0 to 7.02, 7.10 to 7.30, 7.31, 7.40, 7.50 to 7.53) do not perform necessary authorization checks in all circumstances for an authentica...
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.40
578
VMScore
CVE-2018-2494
Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Platform.
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
578
VMScore
CVE-2018-2478
An attacker can use specially crafted inputs to execute commands on the host of a TREX / BWA installation, SAP Basis, versions: 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40 and 7.50 to 7.53. Not all commands are possible, only those that can be executed by the <sid>adm user....
Sap Basis 7.31
Sap Basis 7.40
Sap Basis
Sap Basis 7.30
578
VMScore
CVE-2018-2367
ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an malicious user to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" a...
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
Sap Business Application Software Integrated Solution 7.30
578
VMScore
CVE-2018-2363
SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice. A malicious user can therefore control the behaviour of the system or can potentially esc...
Sap Netweaver -
Sap Business Application Software Integrated Solution 7.30
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.40
Sap Business Application Software Integrated Solution 7.31
578
VMScore
CVE-2017-16682
SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be executed by the application and thereby control the behavior of the application.
Sap Netweaver Internet Transaction Server -
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
Sap Business Application Software Integrated Solution 7.30
534
VMScore
CVE-2013-3063
SAP BASIS Communication Services 4.6B up to and including 7.30 allows remote authenticated users to execute arbitrary commands via unspecified vectors.
Sap Basis Communication Services 4.6
Sap Basis Communication Services 7.30
517
VMScore
CVE-2017-16691
SAP Note Assistant tool (SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31,7.40, from 7.50 to 7.52) supports upload of digitally signed note file of type 'SAR'. The digital signature verification is done together with the extraction of note file contained in th...
Sap Business Application Software Integrated Solution 7.10
Sap Business Application Software Integrated Solution 7.30
Sap Business Application Software Integrated Solution 7.52
Sap Business Application Software Integrated Solution 7.00
Sap Business Application Software Integrated Solution 7.01
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
Sap Business Application Software Integrated Solution 7.50
Sap Business Application Software Integrated Solution 7.51
Sap Business Application Software Integrated Solution 7.02
Sap Business Application Software Integrated Solution 7.11
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »