Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap sapgui vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2016-9832
PricewaterhouseCoopers (PwC) ACE-ABAP 8.10.304 for SAP Security allows remote authenticated users to conduct ABAP injection attacks and execute arbitrary code via (1) SAPGUI or (2) Internet Communication Framework (ICF) over HTTP or HTTPS, as demonstrated by WEBGUI or Report.
Pwc Ace-advanced Business Application Programming 8.10.304
940
VMScore
CVE-2007-4475
Stack-based buffer overflow in EAI WebViewer3D ActiveX control (webviewer3d.dll) in SAP AG SAPgui prior to 7.10 Patch Level 9 allows remote malicious users to execute arbitrary code via a long argument to the SaveViewToSessionFile method.
Sap Sapgui 4.6a
Sap Sapgui 4.6c
Sap Sapgui 4.6d
Sap Sapgui 4.6
Sap Sapgui 4.6b
Sap Sapgui
Sap Sapgui 6.40
2 EDB exploits
828
VMScore
CVE-2008-4387
Unspecified vulnerability in the Simba MDrmSap ActiveX control in mdrmsap.dll in SAP SAPgui allows remote malicious users to execute arbitrary code via unknown vectors involving instantiation by Internet Explorer.
Sap Sapgui
Simba Technologies Mdrmsap Activex Control
890
VMScore
CVE-2008-0620
SAPLPD 6.28 and previous versions included in SAP GUI 7.10 and SAPSprint prior to 1018 allows remote malicious users to cause a denial of service (crash) via a 0x53 LPD command, which causes the server to terminate.
Sap Sapsprint
Sap Saplpd
Sap Sapgui 7.10
760
VMScore
CVE-2008-0621
Buffer overflow in SAPLPD 6.28 and previous versions included in SAP GUI 7.10 and SAPSprint prior to 1018 allows remote malicious users to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands.
Sap Sapsprint
Sap Saplpd
Sap Sapgui 7.10
2 EDB exploits
770
VMScore
CVE-2007-3605
Stack-based buffer overflow in the kweditcontrol.kwedit.1 ActiveX control in FrontEnd\SapGui\kwedit.dll in the EnjoySAP SAP GUI allows remote malicious users to execute arbitrary code via a long argument to the PrepareToPostHTML function.
Sap Enjoysap
2 EDB exploits
668
VMScore
CVE-2003-1035
The default installation of SAP R/3 46C/D allows remote malicious users to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does.
Sap Sapgui 4.6d
Sap Sap R 3
Sap Sapgui 4.6c
445
VMScore
CVE-2002-1579
SAP GUI (Sapgui) 4.6D allows remote malicious users to cause a denial of service (crash) via a connection to a high-numbered port, which generates an "unknown connection data" error.
Sap Sapgui 4.6b
Sap Sapgui 4.6c
Sap Sapgui 4.6
Sap Sapgui 4.6a
Sap Sapgui 4.6d
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started