Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2016-7435
The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL '...
Sap Netweaver 7.40
801
VMScore
CVE-2016-4014
XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote malicious users to cause a denial of service (system hang) via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389.
Sap Netweaver 7.4
1 Github repository
801
VMScore
CVE-2013-3678
Multiple unspecified vulnerabilities in SAP Governance, Risk, and Compliance (GRC) allow remote authenticated users to gain privileges and execute arbitrary programs via a crafted (1) RFC or (2) SOAP-RFC request.
Sap Governance Risk And Compliance -
801
VMScore
CVE-2013-6865
SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 prior to 15.0.3 ESD#4.3, 15.5 prior to 15.5 ESD#5.3, and 15.7 prior to 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka CR732989.
Sybase Adaptive Server Enterprise 15.7
Sybase Adaptive Server Enterprise 15.0.3
Sybase Adaptive Server Enterprise 15.5
801
VMScore
CVE-2013-6866
SAP Sybase Adaptive Server Enterprise (ASE) prior to 15.0.3 ESD#4.3, 15.5 prior to 15.5 ESD#5.3, and 15.7 prior to 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka CR736689.
Sybase Adaptive Server Enterprise 15.7
Sybase Adaptive Server Enterprise 15.0.3
Sybase Adaptive Server Enterprise 15.5
801
VMScore
CVE-2013-6863
SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 prior to 15.0.3 ESD#4.3, 15.5 prior to 15.5 ESD#5.3, and 15.7 prior to 15.7 SP50 or 15.7 SP100 allows remote authenticated users to gain privileges via unspecified vectors.
Sybase Adaptive Server Enterprise 15.7
Sybase Adaptive Server Enterprise 15.5
Sybase Adaptive Server Enterprise 15.0.3
801
VMScore
CVE-2010-3983
CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Program Login property.
Sap Businessobjects 3.2
785
VMScore
CVE-2016-2389
Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote malicious users to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Secu...
Sap Netweaver 7.40
1 EDB exploit
770
VMScore
CVE-2007-3605
Stack-based buffer overflow in the kweditcontrol.kwedit.1 ActiveX control in FrontEnd\SapGui\kwedit.dll in the EnjoySAP SAP GUI allows remote malicious users to execute arbitrary code via a long argument to the PrepareToPostHTML function.
Sap Enjoysap
2 EDB exploits
765
VMScore
CVE-2011-1516
The kSBXProfileNoNetwork and kSBXProfileNoInternet sandbox profiles in Apple Mac OS X 10.5.x up to and including 10.7.x do not propagate restrictions to all created processes, which allows remote malicious users to access network resources via a crafted application, as demonstrat...
Apple Mac Os X 10.5.1
Apple Mac Os X 10.5.2
Apple Mac Os X 10.6.0
Apple Mac Os X 10.6.1
Apple Mac Os X 10.6.8
Apple Mac Os X 10.7.0
Apple Mac Os X 10.5.0
Apple Mac Os X 10.5.7
Apple Mac Os X 10.5.8
Apple Mac Os X 10.6.6
Apple Mac Os X 10.6.7
Apple Mac Os X 10.5.3
Apple Mac Os X 10.5.4
Apple Mac Os X 10.6.2
Apple Mac Os X 10.6.3
Apple Mac Os X 10.7.1
Apple Mac Os X 10.7.2
Apple Mac Os X 10.5.5
Apple Mac Os X 10.5.6
Apple Mac Os X 10.6.4
Apple Mac Os X 10.6.5
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »