Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap maxdb vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-2418
SAP MaxDB ODBC driver (all versions prior to 7.9.09.07) allows an malicious user to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.
Sap Maxdb Odbc Driver
7.2
CVSSv3
CVE-2018-2450
SAP MaxDB (liveCache), versions 7.8 and 7.9, allows an attacker who gets DBM operator privileges to execute crafted database queries and therefore read, modify or delete sensitive data from database.
Sap Maxdb 7.9
Sap Maxdb 7.8
NA
CVE-2015-2278
The LZH decompression implementation (CsObjectInt::BuildHufTree function in vpa108csulzh.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-de...
Sap Maxdb 7.5
Sap Netweaver Java Application Server -
Sap Netweaver Rfc Sdk -
Sap Gui -
Sap Rfc Library
Sap Maxdb 7.6
Sap Netweaver Abap Application Server -
1 Article
NA
CVE-2015-2282
Stack-based buffer overflow in the LZC decompression implementation (CsObjectInt::CsDecomprLZC function in vpa106cslzc.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and ot...
Sap Maxdb 7.6
Sap Netweaver Abap Application Server -
Sap Gui -
Sap Rfc Library
Sap Maxdb 7.5
Sap Netweaver Java Application Server -
Sap Netweaver Rfc Sdk -
1 Article
NA
CVE-2010-1185
Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 up to and including 7.6.06 allows remote malicious users to execute arbitrary code via an invalid length parameter in a handshake packet to TCP port 7210. NOTE: some of these details are obtained from thi...
Sap Maxdb 7.6.06
Sap Maxdb 7.6.0.37
Sap Maxdb 7.4.3.32
1 EDB exploit
NA
CVE-2007-4475
Stack-based buffer overflow in EAI WebViewer3D ActiveX control (webviewer3d.dll) in SAP AG SAPgui prior to 7.10 Patch Level 9 allows remote malicious users to execute arbitrary code via a long argument to the SaveViewToSessionFile method.
Sap Sapgui 4.6a
Sap Sapgui 4.6c
Sap Sapgui 4.6d
Sap Sapgui 4.6
Sap Sapgui 4.6b
Sap Sapgui
Sap Sapgui 6.40
2 EDB exploits
NA
CVE-2008-1810
Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 on Linux allows local users to gain privileges via a modified PATH environment variable.
Sap Maxdb 7.6.03.15
NA
CVE-2008-0306
sdbstarter in SAP MaxDB 7.6.0.37, and possibly other versions, allows local users to execute arbitrary commands by using unspecified environment variables to modify configuration settings.
Sap Maxdb 7.6.0.37
NA
CVE-2008-0307
Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote malicious users to execute arbitrary code via unknown vectors that trigger heap corruption.
Sap Maxdb 7.6.0.37
NA
CVE-2008-0244
SAP MaxDB 7.6.03 build 007 and previous versions allows remote malicious users to execute arbitrary commands via "&&" and other shell metacharacters in exec_sdbinfo and other unspecified commands, which are executed when MaxDB invokes cons.exe.
Sap Maxdb
1 EDB exploit
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »