Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2016-10311
Stack-based buffer overflow in SAP NetWeaver 7.0 up to and including 7.5 allows remote malicious users to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238.
Sap Netweaver 7.0
Sap Netweaver 7.3
Sap Netweaver 7.4
Sap Netweaver 7.5
668
VMScore
CVE-2015-7239
SQL injection vulnerability in the BP_FIND_JOBS_WITH_PROGRAM function module in SAP NetWeaver J2EE Engine 7.40 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Sap Netweaver J2ee Engine 7.40
668
VMScore
CVE-2015-5067
The (1) Cross-System Tools and (2) Data Transfer Workbench in SAP NetWeaver have hardcoded credentials, which allows remote malicious users to obtain access via unspecified vectors, aka SAP Security Notes 2059659 and 2057982.
Sap Netweaver -
668
VMScore
CVE-2015-5068
XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote malicious users to read arbitrary files or possibly have other unspecified impact via a crafted XML request, aka SAP Security Note 2159601.
Sap Mobile Platform 3.0
668
VMScore
CVE-2015-2282
Stack-based buffer overflow in the LZC decompression implementation (CsObjectInt::CsDecomprLZC function in vpa106cslzc.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and ot...
Sap Maxdb 7.6
Sap Netweaver Abap Application Server -
Sap Gui -
Sap Rfc Library
Sap Maxdb 7.5
Sap Netweaver Java Application Server -
Sap Netweaver Rfc Sdk -
1 Article
668
VMScore
CVE-2015-4091
XML external entity (XXE) vulnerability in SAP NetWeaver AS Java 7.4 allows remote malicious users to send TCP requests to intranet servers or possibly have unspecified other impact via an XML request to tc~sld~wd~main/Main, related to "CIM UPLOAD," aka SAP Security Not...
Sap Sap Netweaver Application Server Java 7.4
668
VMScore
CVE-2014-8663
SQL injection vulnerability in Data Basis (BW-WHM-DBA) in SAP NetWeaver Business Warehouse allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Sap Netweaver Business Warehouse -
668
VMScore
CVE-2014-8587
SAPCRYPTOLIB prior to 5.555.38, SAPSECULIB, and CommonCryptoLib prior to 8.4.30, as used in SAP NetWeaver AS for ABAP and SAP HANA, allows remote malicious users to spoof Digital Signature Algorithm (DSA) signatures via unspecified vectors.
Sap Commoncryptolib
Sap Sapcryptolib
Sap Sapseculib -
Sap Hana -
Sap Netweaver
668
VMScore
CVE-2014-4003
The System Landscape Directory (SLD) in SAP NetWeaver allows remote malicious users to modify information via vectors related to adding a system.
Sap Netweaver -
668
VMScore
CVE-2013-7364
An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote malicious users to read and write to arbitrary files via unknown vectors.
Sap Netweaver -
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »