Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver 7.0 vulnerabilities and exploits
(subscribe to this query)
578
VMScore
CVE-2015-2815
Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, aka SAP Security No...
Sap Netweaver 7.40
Sap Netweaver 7.0
383
VMScore
CVE-2010-1609
Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sap Netweaver 7.0
Sap Netweaver 4.0
894
VMScore
CVE-2012-4341
Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote malicious users to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a pac...
Sap Netweaver Abap 7.0
Sap Netweaver Abap 7.02
Sap Netweaver Abap 7.03
445
VMScore
CVE-2014-1960
The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote malicious users to obtain sensitive information via unspecified vectors.
Sap Netweaver -
Sap Netweaver Solution Manager 7.0
Sap Netweaver Solution Manager 7.1
801
VMScore
CVE-2019-0328
ABAP Tests Modules (SAP Basis, versions 7.0, 7.1, 7.3, 7.31, 7.4, 7.5) of SAP NetWeaver Process Integration enables an attacker the execution of OS commands with privileged rights. An attacker could thereby impact the integrity and availability of the system.
Sap Netweaver Process Integration 7.0
Sap Netweaver Process Integration 7.1
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.5
Sap Netweaver Process Integration 7.3
Sap Netweaver Process Integration 7.4
445
VMScore
CVE-2012-1291
Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7.0 allows remote malicious users to obtain sensitive information about the Adapter Monitor via unspecified vectors, possibly related to the EnableInvokerServletGlobally property in...
Sap Netweaver 7.0
445
VMScore
CVE-2012-1292
Unspecified vulnerability in the MessagingSystem servlet in SAP NetWeaver 7.0 allows remote malicious users to obtain sensitive information about the MessagingSystem Performance Data via unspecified vectors.
Sap Netweaver 7.0
510
VMScore
CVE-2012-2512
The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
Sap Netweaver 7.0
2 EDB exploits
383
VMScore
CVE-2009-2932
Cross-site scripting (XSS) vulnerability in uddiclient/process in the UDDI client in SAP NetWeaver Application Server (Java) 7.0 allows remote malicious users to inject arbitrary web script or HTML via the TModel Key field.
Sap Netweaver 7.0
668
VMScore
CVE-2011-1517
SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash.
Sap Netweaver 7.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49223
CVE-2024-0044
information disclosure
CVE-2024-35753
HTML injection
CVE-2024-21306
CVE-2024-35733
SQL injection
CVE-2024-35732
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »