Vulmon
sap sap r 3 vulnerabilities and exploits
NA
CVE-2005-4815
SAP 6.4 prior to 6.40 patch 4, 6.2 prior to 6.20 patch 1364, 4.6 prior to 4.6D patch 1767, 45 prior to 45B patch 913, 40 prior to 40B patch 1008, and 31 prior to 31I patch 735 do not properly restrict process execution by lnaxdm/sapsys, which allows remote malicious users to exec...
Sap Sap R 3 40 Before Patch 1008
Sap Sap R 3 45 Before Patch 913
Sap Sap R 3 6.2 Before Patch 1364
Sap Sap R 3 6.4 Before Patch 4
Sap Sap R 3 31 Before 31i Patch 735
Sap Sap R 3 4.6 Before Patch 1767
6.1
CVSSv3
CVE-2019-0311
Automotive Dealer Portal in SAP R/3 Enterprise Application (versions: 600, 602, 603, 604, 605, 606, 616, 617) does not sufficiently encode user-controlled inputs, which makes it possible for a malicious user to send unwanted scripts to the browser of the victim using unwanted inp...
Sap R/3 Enterprise 603
Sap R/3 Enterprise 605
Sap R/3 Enterprise 606
Sap R/3 Enterprise 616
Sap R/3 Enterprise 617
Sap R/3 Enterprise 600
Sap R/3 Enterprise 602
Sap R/3 Enterprise 604
NA
CVE-2005-1691
Directory traversal vulnerability in Internet Graphics Server in SAP prior to 6.40 Patch 11 allows remote malicious users to read arbitrary files via ".." sequences in an HTTP GET request.
Sap Sap R 3
NA
CVE-2002-1578
The default installation of SAP R/3, when using Oracle and SQL*net V2 3.x, 4.x, and 6.10, allows remote malicious users to obtain arbitrary, sensitive SAP data by directly connecting to the Oracle database and executing queries against the database, which is not password-protecte...
Sap Sap R 3
NA
CVE-2002-1577
SAP R/3 2.0B to 4.6D installs several clients with default users and passwords, which allows remote malicious users to gain privileges via the (1) SAP*, (2) SAPCPIC, (3) DDIC, (4) EARLYWATCH, or (5) TMSADM accounts.
Sap Sap R 3 2.0b To 4.6d
NA
CVE-2003-1035
The default installation of SAP R/3 46C/D allows remote malicious users to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does.
Sap Sapgui 4.6d
Sap Sap R 3
Sap Sapgui 4.6c
8.8
CVSSv3
CVE-2018-2436
Executing transaction WRCK in SAP R/3 Enterprise Retail (EHP6) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
Sap R/3 Enterprise Retail -
NA
CVE-2001-0366
saposcol in SAP R/3 Web Application Server Demo prior to 1.5 trusts the PATH environmental variable to find and execute the expand program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse expand program.
Sap Saposcol 1.1
Sap Saposcol 1.2
Sap Saposcol 1.0
Sap Saposcol 1.3
Sap Sap R 3 Web Application Server Demo
NA
CVE-2005-1272
Stack-based buffer overflow in the Backup Agent for Microsoft SQL Server in BrightStor ARCserve Backup Agent for SQL Server 11.0 allows remote malicious users to execute arbitrary code via a long string sent to port (1) 6070 or (2) 6050.
Ca Brightstor Arcserve Backup 9.0.1
Ca Brightstor Arcserve Backup 9.0 1
Ca Brightstor Arcserve Backup Agent 9.0.1
Ca Brightstor Enterprise Backup Agent 10.5
Ca Brightstor Arcserve Backup 11.1
Ca Brightstor Arcserve Backup Agent 11
Ca Brightstor Enterprise Backup Agent 10.0
Ca Brightstor Arcserve Backup 11.0
Ca Brightstor Arcserve Backup Agent 11.1
Ca Brightstor Arcserve Backup Agent 11.0
Broadcom Brightstor Enterprise Backup 10.0
Broadcom Brightstor Enterprise Backup 10.5
2 EDB exploits