Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap sap db vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0944
Buffer overflow in the WAECHO default service in web-tools in SAP DB prior to 7.4.03.30 allows remote malicious users to execute arbitrary code via a URL with a long requestURI.
Sap Sap Db
NA
CVE-2003-0945
The Web Database Manager in web-tools for SAP DB prior to 7.4.03.30 generates predictable session IDs, which allows remote malicious users to conduct unauthorized activities.
Sap Sap Db
NA
CVE-2002-1576
lserver in SAP DB 7.3 and previous versions uses the current working directory to find and execute the lserversrv program, which allows local users to gain privileges with a malicious lserversrv that is called from a directory that has a symlink to the lserver program.
Sap Sap Db 7.3.00
1 EDB exploit
4.3
CVSSv3
CVE-2016-3639
SAP HANA DB 1.00.091.00.1418659308 allows remote malicious users to obtain sensitive topology information via an unspecified HTTP request, aka SAP Security Note 2176128.
Sap Hana Db 1.00.091.00.1418659308
5.5
CVSSv3
CVE-2016-3640
The Extended Application Services (aka XS or XS Engine) in SAP HANA DB 1.00.091.00.1418659308 allows local users to obtain sensitive password information via vectors related to passwords in Web Dispatcher trace files, aka SAP Security Note 2148905.
Sap Hana Db 1.00.091.00.14186593
5.3
CVSSv3
CVE-2016-6145
The SQL interface in SAP HANA DB 1.00.091.00.1418659308 provides different error messages for failed login attempts depending on whether the username exists and is locked when the detailed_error_on_connect option is not supported or is configured as "False," which allow...
Sap Hana Db 1.00.091.00.1418659308
9.8
CVSSv3
CVE-2016-6143
SAP HANA DB 1.00.73.00.389160 allows remote malicious users to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806.
Sap Hana 1.00.73.00.389160
NA
CVE-2015-3995
SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to read arbitrary files via an IMPORT FROM SQL statement, aka SAP Security Note 2109565.
Sap Hana 1.00.73.00.389160
NA
CVE-2015-7994
The SQL interface in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote malicious users to execute arbitrary code via unspecified vectors related to "SQL Login," aka SAP Security Note 2197428.
Sap Hana 1.00.73.00.389160
7.5
CVSSv3
CVE-2016-6142
SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote malicious users to inject arbitrary audit trail fields into the SYSLOG via vectors related to the SQL protocol, aka SAP Security Note 2197459.
Sap Hana 1.00.73.00.389160
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »