Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver 7.0 vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2010-1609
Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Sap Netweaver 7.0
Sap Netweaver 4.0
578
VMScore
CVE-2014-6252
Buffer overflow in disp+work.exe 7000.52.12.34966 and 7200.117.19.50294 in the Dispatcher in SAP NetWeaver 7.00 and 7.20 allows remote authenticated users to cause a denial of service or execute arbitrary code via unspecified vectors.
Sap Netweaver 7.20
Sap Netweaver 7.0
445
VMScore
CVE-2014-1960
The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote malicious users to obtain sensitive information via unspecified vectors.
Sap Netweaver -
Sap Netweaver Solution Manager 7.0
Sap Netweaver Solution Manager 7.1
894
VMScore
CVE-2012-4341
Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote malicious users to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value, (2) crafted string size field, or (3) long Parameter Name string in a pac...
Sap Netweaver Abap 7.0
Sap Netweaver Abap 7.02
Sap Netweaver Abap 7.03
801
VMScore
CVE-2019-0328
ABAP Tests Modules (SAP Basis, versions 7.0, 7.1, 7.3, 7.31, 7.4, 7.5) of SAP NetWeaver Process Integration enables an attacker the execution of OS commands with privileged rights. An attacker could thereby impact the integrity and availability of the system.
Sap Netweaver Process Integration 7.0
Sap Netweaver Process Integration 7.1
Sap Netweaver Process Integration 7.31
Sap Netweaver Process Integration 7.5
Sap Netweaver Process Integration 7.3
Sap Netweaver Process Integration 7.4
668
VMScore
CVE-2011-1517
SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash.
Sap Netweaver 7.0
383
VMScore
CVE-2009-2932
Cross-site scripting (XSS) vulnerability in uddiclient/process in the UDDI client in SAP NetWeaver Application Server (Java) 7.0 allows remote malicious users to inject arbitrary web script or HTML via the TModel Key field.
Sap Netweaver 7.0
510
VMScore
CVE-2012-2612
The DiagTraceHex function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
Sap Netweaver 7.0
2 EDB exploits
510
VMScore
CVE-2012-2514
The DiagiEventSource function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote malicious users to cause a denial of service (daemon crash) via a crafted SAP Diag packet.
Sap Netweaver 7.0
2 EDB exploits
945
VMScore
CVE-2012-2611
The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace configuration is enabled, allows remote malicious users to execute arbitrary code via a...
Sap Netweaver 7.0
3 EDB exploits
1 Github repository
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-52710
arbitrary
CVE-2024-5272
CVE-2024-2961
brute force
remote
CVE-2024-32944
CVE-2024-36241
CVE-2024-5274
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »