Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap gui - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-39799
An attacker with no prior authentication could craft and send malicious script to SAP GUI for HTML within Fiori Launchpad, resulting in reflected cross-site scripting attack. This could lead to stealing session information and impersonating the affected user.
Sap Netweaver Application Server Abap Kernel 7.77
Sap Netweaver Application Server Abap 7.81
Sap Netweaver Application Server Abap 7.85
Sap Netweaver Application Server Abap 7.89
Sap Netweaver Application Server Abap 7.54
6.9
CVSSv2
CVE-2011-5154
Multiple untrusted search path vulnerabilities in (1) SAPGui.exe and (2) BExAnalyzer.exe in SAP GUI 6.4 up to and including 7.2 allow local users to gain privileges via a Trojan horse MFC80LOC.DLL file in the current working directory, as demonstrated by a directory that contains...
Sap Graphical User Interface 6.4
Sap Graphical User Interface 7.2
5
CVSSv2
CVE-2007-3608
Multiple unspecified vulnerabilities in ActiveX controls in the EnjoySAP SAP GUI allow remote malicious users to create certain files via unspecified vectors.
Sap Enjoysap
2 EDB exploits
5
CVSSv2
CVE-2007-3607
Multiple unspecified vulnerabilities in ActiveX controls in the EnjoySAP SAP GUI allow remote malicious users to cause a denial of service (process crash) via unspecified vectors.
Sap Enjoysap
2 EDB exploits
5
CVSSv2
CVE-2016-10079
SAPlpd up to and including 7400.3.11.33 in SAP GUI 7.40 on Windows has a Denial of Service vulnerability (service crash) with a long string to TCP port 515.
Sap Saplpd
1 EDB exploit
7.6
CVSSv2
CVE-2007-3606
Heap-based buffer overflow in the rfcguisink.rfcguisink.1 ActiveX control in the EnjoySAP SAP GUI, on systems using ASCII versions, allows remote malicious users to execute arbitrary code via a long first argument to the LaunchGui function.
Sap Enjoysap
1 EDB exploit
2.1
CVSSv2
CVE-2021-21448
SAP GUI for Windows, version - 7.60, allows an malicious user to spoof logon credentials for Application Server ABAP backend systems in the client PCs memory. Under certain conditions the attacker can access information which would otherwise be restricted. The exploit can only be...
Sap Graphical User Interface 7.60
NA
CVE-2024-27902
Applications based on SAP GUI for HTML in SAP NetWeaver AS ABAP - versions 7.89, 7.93, do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. A successful attack can allow a malicious malicious user to access and modify data thro...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3