Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
netweaver vulnerabilities and exploits
(subscribe to this query)
5.8
CVSSv2
CVE-2021-33705
The SAP NetWeaver Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, component Iviews Editor contains a Server-Side Request Forgery (SSRF) vulnerability which allows an unauthenticated malicious user to craft a malicious URL which when clicked by a user can make any typ...
Sap Netweaver Portal 7.10
Sap Netweaver Portal 7.11
Sap Netweaver Portal 7.20
Sap Netweaver Portal 7.30
Sap Netweaver Portal 7.31
Sap Netweaver Portal 7.40
Sap Netweaver Portal 7.50
7.5
CVSSv2
CVE-2016-10311
Stack-based buffer overflow in SAP NetWeaver 7.0 up to and including 7.5 allows remote malicious users to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238.
Sap Netweaver 7.0
Sap Netweaver 7.3
Sap Netweaver 7.4
Sap Netweaver 7.5
4.3
CVSSv2
CVE-2021-38183
SAP NetWeaver - versions 700, 701, 702, 730, does not sufficiently encode user-controlled inputs, allowing an malicious user to cause a potential victim to supply a malicious content to a vulnerable web application, which is then reflected to the victim and executed by the web br...
Sap Netweaver 700
Sap Netweaver 701
Sap Netweaver 702
Sap Netweaver 730
6.5
CVSSv2
CVE-2018-2477
Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, 7.40 and 7.50 does not sufficiently validate an XML document accepted from an untrusted source.
Sap Netweaver 7.40
Sap Netweaver 7.31
Sap Netweaver 7.50
Sap Netweaver 7.30
5
CVSSv2
CVE-2016-4015
The Enqueue Server in SAP NetWeaver JAVA AS 7.1 up to and including 7.4 allows remote malicious users to cause a denial of service (process crash) via a crafted request, aka SAP Security Note 2258784.
Sap Netweaver 7.3
Sap Netweaver 7.2
Sap Netweaver 7.4
Sap Netweaver 7.1
NA
CVE-2023-29186
In SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient (administrative) privileges then potentially...
Sap Netweaver 707
Sap Netweaver 737
Sap Netweaver 747
Sap Netweaver 757
9
CVSSv2
CVE-2021-38163
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with ...
Sap Netweaver 7.30
Sap Netweaver 7.31
Sap Netweaver 7.40
Sap Netweaver 7.50
1 Github repository
1 Article
10
CVSSv2
CVE-2013-1592
A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remot...
Sap Netweaver 7.01
Sap Netweaver 7.02
Sap Netweaver 7.30
Sap Netweaver 2004s
1 EDB exploit
5
CVSSv2
CVE-2013-1593
A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN.
Sap Netweaver 7.01
Sap Netweaver 7.02
Sap Netweaver 7.30
Sap Netweaver 2004s
5
CVSSv2
CVE-2021-40495
There are multiple Denial-of Service vulnerabilities in SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755. An unauthorized attacker can use the public SICF service /sap/public/bc/abap to reduce the performance of SAP NetWeave...
Sap Netweaver Application Server Abap 750
Sap Netweaver Application Server Abap 752
Sap Netweaver Application Server Abap 753
Sap Netweaver Application Server Abap 754
Sap Netweaver Application Server Abap 755
Sap Netweaver Abap 740
Sap Netweaver Abap 750
Sap Netweaver Abap 751
Sap Netweaver Abap 752
Sap Netweaver Abap 753
Sap Netweaver Abap 754
Sap Netweaver Abap 755
Sap Netweaver Application Server Abap 740
Sap Netweaver Application Server Abap 751
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-34377
CVE-2024-20859
CVE-2023-49606
inject
arbitrary
CVE-2024-33788
CVE-2024-30973
IDOR
CVE-2024-33907
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »