Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hana vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2014-8588
SQL injection vulnerability in metadata.xsjs in SAP HANA 1.00.60.379371 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Sap Hana 1.00.60.379371
5
CVSSv2
CVE-2015-7991
The Web Dispatcher service in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote malicious users to read web dispatcher and security trace files and possibly obtain passwords via unspecified vectors, aka SAP Security Note 2148854.
Sap Hana 1.00.73.00.389160
4
CVSSv2
CVE-2015-7992
SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to cause a denial of service (memory corruption and indexserver crash) via unspecified vectors to the EXECUTE_SEARCH_RULE_SET stored procedure, aka SAP Security Note 2175928.
Sap Hana 1.00.73.00.389160
7.5
CVSSv2
CVE-2015-7993
The Extended Application Services (aka XS or XS Engine) in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote malicious users to execute arbitrary code via unspecified vectors related to "HTTP Login," aka SAP Security Note 2197397.
Sap Hana 1.00.73.00.389160
7.5
CVSSv2
CVE-2015-7994
The SQL interface in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote malicious users to execute arbitrary code via unspecified vectors related to "SQL Login," aka SAP Security Note 2197428.
Sap Hana 1.00.73.00.389160
6.5
CVSSv2
CVE-2015-7727
Multiple SQL injection vulnerabilities in the Web-based Development Workbench in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allow remote authenticated users to execute arbitrary SQL commands via unspecified vectors in the (1) trace configuration page or (2) getSqlTraceConfigura...
Sap Hana 1.00.73.00.389160
3.5
CVSSv2
CVE-2015-7728
Cross-site scripting (XSS) vulnerability in user creation in the Web-based Development Workbench in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to inject arbitrary web script or HTML via the username, aka SAP Security Note 2153898.
Sap Hana 1.00.73.00.389160
6.8
CVSSv2
CVE-2021-21484
LDAP authentication in SAP HANA Database version 2.0 can be bypassed if the attached LDAP directory server is configured to enable unauthenticated bind.
Sap Hana 2.0
4
CVSSv2
CVE-2015-3994
The grant.xsfunc application in testApps/grantAccess/ in the XS Engine in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to spoof log entries via a crafted request, aka SAP Security Note 2109818.
Sap Hana 1.00.73.00.389160
4
CVSSv2
CVE-2015-3995
SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to read arbitrary files via an IMPORT FROM SQL statement, aka SAP Security Note 2109565.
Sap Hana 1.00.73.00.389160
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »