Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap privileges vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-41267
SAP Business Objects Platform - versions 420, and 430, allows an attacker with normal BI user privileges to upload/replace any file on Business Objects server at the operating system level, enabling the malicious user to take full control of the system causing a high impact on co...
Sap Business Objects Business Intelligence Platform 430
Sap Business Objects Business Intelligence Platform 420
7.3
CVSSv3
CVE-2016-4018
The Data Provisioning Agent (aka DP Agent) in SAP HANA does not properly restrict access to service functionality, which allows remote malicious users to obtain sensitive information, gain privileges, and conduct unspecified other attacks via unspecified vectors, aka SAP Security...
Sap Hana -
NA
CVE-2013-7367
SAP Enterprise Portal does not properly restrict access to the Federation configuration pages, which allows remote malicious users to gain privileges via unspecified vectors.
Sap Enterprise Portal -
9.1
CVSSv3
CVE-2016-7435
The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with certain permissions to execute arbitrary commands via vectors involving a CALL '...
Sap Netweaver 7.40
7.2
CVSSv3
CVE-2020-6192
SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious commands with root privileges in SAP Host Agent via SAP Landscape Management.
Sap Landscape Management 3.0
1 Article
NA
CVE-2008-1810
Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 on Linux allows local users to gain privileges via a modified PATH environment variable.
Sap Maxdb 7.6.03.15
NA
CVE-2014-9387
SAP BusinessObjects Edge 4.1 allows remote malicious users to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and gain privileges via a crafted CORBA call, aka SAP Note 2039905.
Sap Businessobjects 4.1
7.2
CVSSv3
CVE-2020-6234
SAP Host Agent, version 7.21, allows an attacker with admin privileges to use the operation framework to gain root privileges over the underlying operating system, leading to Privilege Escalation.
Sap Host Agent 7.21
NA
CVE-2010-3983
CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Program Login property.
Sap Businessobjects 3.2
7.2
CVSSv3
CVE-2020-6191
SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious executables with root privileges in SAP Host Agent via SAP Landscape Management due to Missing Input Validation.
Sap Landscape Management 3.0
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
6
7
8
9
10
NEXT »