sap netweaver abap application server - vulnerabilities and exploits
6.1
CVSSv3
CVE-2018-2470
In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, 7.31, 7.40 and from 7.50 to 7.53, applications do not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver 7.30
Sap Netweaver 7.31
Sap Netweaver 7.40
Sap Netweaver
5.9
CVSSv3
CVE-2019-0248
Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7.5, 7.51, 7.52, 7.53; SAP_BASIS 7.5) allows a malicious user to access information which would otherwise be restricted.
Sap Netweaver 7.5
Sap Netweaver 7.53
Sap Netweaver 7.52
Sap Netweaver 7.51
Sap Basis 7.5
1 Article
6.5
CVSSv3
CVE-2019-0271
ABAP Server (used in NetWeaver and Suite/ERP) and ABAP Platform do not sufficiently validate an XML document accepted from an untrusted source, leading to an XML External Entity (XXE) vulnerability. Fixed in Kernel 7.21 or 7.22, that is ABAP Server 7.00 to 7.31 and Kernel 7.45,...
Sap Advanced Business Application Programming Platform -
Sap Advanced Business Application Programming Server
Sap Sap Kernel 7.22
Sap Sap Kernel 7.21
Sap Sap Kernel 7.45
Sap Sap Kernel 7.49
Sap Sap Kernel 7.53
8.8
CVSSv3
CVE-2019-0270
ABAP Server of SAP NetWeaver and ABAP Platform fail to perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has been corrected in the following versions: KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22,...
Sap Advanced Business Application Programming Platform Kernel 7.49
Sap Advanced Business Application Programming Platform Kernel 7.53
Sap Advanced Business Application Programming Platform Kernel 7.73
Sap Advanced Business Application Programming Platform Krnl64uc 7.21
Sap Advanced Business Application Programming Platform Krnl64uc 7.21ext
Sap Advanced Business Application Programming Platform Krnl64uc 7.22
Sap Advanced Business Application Programming Platform Krnl64uc 7.22ext
Sap Advanced Business Application Programming Platform Krnl64uc 7.49
Sap Advanced Business Application Programming Platform Krnl64uc 7.73
Sap Advanced Business Application Programming Platform Krnl64nuc 7.21
Sap Advanced Business Application Programming Platform Krnl64nuc 7.21ext
Sap Advanced Business Application Programming Platform Krnl64nuc 7.22
Sap Advanced Business Application Programming Platform Krnl64nuc 7.22ext
Sap Advanced Business Application Programming Platform Krnl32uc 7.21
Sap Advanced Business Application Programming Platform Krnl32uc 7.22
Sap Advanced Business Application Programming Platform Krnl32uc 7.22ext
Sap Advanced Business Application Programming Platform Krnl32uc 7.21ext
Sap Advanced Business Application Programming Platform Krnl32nuc 7.21ext
Sap Advanced Business Application Programming Platform Krnl32nuc 7.22
Sap Advanced Business Application Programming Platform Krnl32nuc 7.22ext
Sap Advanced Business Application Programming Platform Krnl32nuc 7.21
Sap Advanced Business Application Programming Platform Krnl64uc 7.74
8.1
CVSSv3
CVE-2019-0255
SAP NetWeaver AS ABAP Platform, Krnl64nuc 7.74, krnl64UC 7.73, 7.74, Kernel 7.73, 7.74, 7.75, fails to validate the type of installation for an ABAP Server system correctly. That behavior may lead to a situation where a business user achieves access to the full SAP Menu, that is 'E...
Sap Advanced Business Application Programming Platform Kernel 7.73
Sap Advanced Business Application Programming Platform Kernel 7.75
Sap Advanced Business Application Programming Platform Krnl64uc 7.73
Sap Advanced Business Application Programming Platform Krnl64uc 7.74
Sap Advanced Business Application Programming Platform Kernel 7.74
Sap Advanced Business Application Programming Platform Krnl64nuc 7.74
9.8
CVSSv3
CVE-2011-1517
SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash.
Sap Netweaver 7.0
NA
CVE-2012-2511
The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
Sap Netweaver 7.0
2 EDB exploits
NA
CVE-2012-2512
The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
Sap Netweaver 7.0
2 EDB exploits
NA
CVE-2012-2513
The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
Sap Netweaver 7.0
2 EDB exploits
NA
CVE-2012-2514
The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
Sap Netweaver 7.0
2 EDB exploits