Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver 7.0 vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2010-1609
Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sap Netweaver 7.0
Sap Netweaver 4.0
6.5
CVSSv2
CVE-2015-2815
Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, aka SAP Security No...
Sap Netweaver 7.40
Sap Netweaver 7.0
5
CVSSv2
CVE-2014-1960
The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote malicious users to obtain sensitive information via unspecified vectors.
Sap Netweaver -
Sap Netweaver Solution Manager 7.0
Sap Netweaver Solution Manager 7.1
10
CVSSv2
CVE-2012-4341
Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote malicious users to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a pac...
Sap Netweaver Abap 7.0
Sap Netweaver Abap 7.02
Sap Netweaver Abap 7.03
9
CVSSv2
CVE-2019-0328
ABAP Tests Modules (SAP Basis, versions 7.0, 7.1, 7.3, 7.31, 7.4, 7.5) of SAP NetWeaver Process Integration enables an attacker the execution of OS commands with privileged rights. An attacker could thereby impact the integrity and availability of the system.
Sap Netweaver Process Integration 7.0
Sap Netweaver Process Integration 7.1
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.5
Sap Netweaver Process Integration 7.3
Sap Netweaver Process Integration 7.4
7.5
CVSSv2
CVE-2011-1517
SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash.
Sap Netweaver 7.0
5
CVSSv2
CVE-2012-1291
Unspecified vulnerability in the com.sap.aii.mdt.amt.web.AMTPageProcessor servlet in SAP NetWeaver 7.0 allows remote malicious users to obtain sensitive information about the Adapter Monitor via unspecified vectors, possibly related to the EnableInvokerServletGlobally property in...
Sap Netweaver 7.0
4.3
CVSSv2
CVE-2012-1290
Cross-site scripting (XSS) vulnerability in b2b/auction/container.jsp in the Internet Sales (crm.b2b) module in SAP NetWeaver 7.0 allows remote malicious users to inject arbitrary web script or HTML via the _loadPage parameter.
Sap Netweaver 7.0
5
CVSSv2
CVE-2012-2511
The DiagTraceAtoms function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
Sap Netweaver 7.0
2 EDB exploits
5
CVSSv2
CVE-2012-2513
The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
Sap Netweaver 7.0
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »