Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap basis vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2007-3496
Cross-site scripting (XSS) vulnerability in SAP Web Dynpro Java (BC-WD-JAV) in SAP NetWeaver Nw04 SP15 through SP19 and Nw04s SP7 through SP11, aka SAP Java Technology Services 640 before SP20 and SAP Web Dynpro Runtime Core Components 700 before SP12, allows remote malicious use...
Sap Netweaver Nw04 Sp19
Sap Sap Basis Component 700
Sap Netweaver Nw04 Sp16
Sap Netweaver Nw04s Sp8
Sap Netweaver Nw04s Sp9
Sap Netweaver Nw04s Sp7
Sap Netweaver Nw04 Sp18
Sap Sap Basis Component 640
Sap Netweaver Nw04 Sp15
Sap Netweaver Nw04s Sp11
Sap Netweaver Nw04 Sp17
Sap Netweaver Nw04s Sp10
801
VMScore
CVE-2019-0328
ABAP Tests Modules (SAP Basis, versions 7.0, 7.1, 7.3, 7.31, 7.4, 7.5) of SAP NetWeaver Process Integration enables an attacker the execution of OS commands with privileged rights. An attacker could thereby impact the integrity and availability of the system.
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.0
Sap Netweaver Process Integration 7.1
Sap Netweaver Process Integration 7.3
Sap Netweaver Process Integration 7.4
Sap Netweaver Process Integration 7.5
578
VMScore
CVE-2019-0279
ABAP BASIS function modules INST_CREATE_R3_RFC_DEST, INST_CREATE_TCPIP_RFCDEST, and INST_CREATE_TCPIP_RFC_DEST in SAP BASIS (fixed in versions 7.0 to 7.02, 7.10 to 7.30, 7.31, 7.40, 7.50 to 7.53) do not perform necessary authorization checks in all circumstances for an authentica...
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
383
VMScore
CVE-2019-0321
ABAP Server and ABAP Platform (SAP Basis), versions, 7.31, 7.4, 7.5, do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Sap Netweaver As Abap 7.4
Sap Netweaver As Abap 7.5
Sap Netweaver Application Server Abap 7.31
578
VMScore
CVE-2017-16682
SAP NetWeaver Internet Transaction Server (ITS), SAP Basis from 7.00 to 7.02, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker with administrator credentials to inject code that can be executed by the application and thereby control the behavior of the application.
Sap Netweaver Internet Transaction Server -
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.30
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
578
VMScore
CVE-2018-2363
SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice. A malicious user can therefore control the behaviour of the system or can potentially esc...
Sap Netweaver -
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.30
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
578
VMScore
CVE-2018-2494
Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Platform.
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
517
VMScore
CVE-2017-16691
SAP Note Assistant tool (SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31,7.40, from 7.50 to 7.52) supports upload of digitally signed note file of type 'SAR'. The digital signature verification is done together with the extraction of note file contained in th...
Sap Business Application Software Integrated Solution 7.30
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
Sap Business Application Software Integrated Solution 7.00
Sap Business Application Software Integrated Solution 7.01
Sap Business Application Software Integrated Solution 7.02
Sap Business Application Software Integrated Solution 7.10
Sap Business Application Software Integrated Solution 7.11
Sap Business Application Software Integrated Solution 7.50
Sap Business Application Software Integrated Solution 7.51
Sap Business Application Software Integrated Solution 7.52
578
VMScore
CVE-2018-2367
ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an malicious user to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" a...
Sap Business Application Software Integrated Solution
Sap Business Application Software Integrated Solution 7.30
Sap Business Application Software Integrated Solution 7.31
Sap Business Application Software Integrated Solution 7.40
668
VMScore
CVE-2014-8663
SQL injection vulnerability in Data Basis (BW-WHM-DBA) in SAP NetWeaver Business Warehouse allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Sap Netweaver Business Warehouse -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »