Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver abap 7.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4341
Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote malicious users to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a pac...
Sap Netweaver Abap 7.0
Sap Netweaver Abap 7.02
Sap Netweaver Abap 7.03
8.8
CVSSv3
CVE-2019-0257
Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.53, from 7.74 to 7.75) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privil...
Sap Netweaver As Abap
Sap Netweaver Application Server Abap 7.31
Sap Netweaver Application Server Abap
Sap Netweaver Application Server Abap 7.30
Sap Netweaver Application Server Abap 7.40
NA
CVE-2013-6815
The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and previous versions allows remote malicious users to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue.
Sap Netweaver
Sap Netweaver 7.30
Sap Netweaver 7.02
Sap Netweaver 7.03
Sap Netweaver 6.4
Sap Netweaver 7.0
Sap Netweaver 4.0
Sap Netweaver 7.01
Sap Netweaver 7.10
7.2
CVSSv3
CVE-2019-0328
ABAP Tests Modules (SAP Basis, versions 7.0, 7.1, 7.3, 7.31, 7.4, 7.5) of SAP NetWeaver Process Integration enables an attacker the execution of OS commands with privileged rights. An attacker could thereby impact the integrity and availability of the system.
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.0
Sap Netweaver Process Integration 7.1
Sap Netweaver Process Integration 7.3
Sap Netweaver Process Integration 7.4
Sap Netweaver Process Integration 7.5
6.1
CVSSv3
CVE-2018-2470
In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, 7.31, 7.40 and from 7.50 to 7.53, applications do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver 7.30
Sap Netweaver 7.31
Sap Netweaver 7.40
Sap Netweaver
NA
CVE-2012-2511
The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
Sap Netweaver 7.0
2 EDB exploits
NA
CVE-2012-2512
The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
Sap Netweaver 7.0
2 EDB exploits
NA
CVE-2012-2513
The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
Sap Netweaver 7.0
2 EDB exploits
NA
CVE-2012-2514
The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
Sap Netweaver 7.0
2 EDB exploits
9.8
CVSSv3
CVE-2011-1517
SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash.
Sap Netweaver 7.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »