Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hana vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2015-7728
Cross-site scripting (XSS) vulnerability in user creation in the Web-based Development Workbench in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to inject arbitrary web script or HTML via the username, aka SAP Security Note 2153898.
Sap Hana 1.00.73.00.389160
6.5
CVSSv2
CVE-2015-7729
Eval injection in test-net.xsjs in the Web-based Development Workbench in SAP HANA Developer Edition DB 1.00.091.00.1418659308 allows remote authenticated users to execute arbitrary XSJS code via unspecified vectors, aka SAP Security Note 2153892.
Sap Hana 1.00.091.00
7.5
CVSSv2
CVE-2014-8588
SQL injection vulnerability in metadata.xsjs in SAP HANA 1.00.60.379371 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors.
Sap Hana 1.00.60.379371
5
CVSSv2
CVE-2016-6142
SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote malicious users to inject arbitrary audit trail fields into the SYSLOG via vectors related to the SQL protocol, aka SAP Security Note 2197459.
Sap Hana 1.00.73.00.389160
7.5
CVSSv2
CVE-2016-6143
SAP HANA DB 1.00.73.00.389160 allows remote malicious users to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806.
Sap Hana 1.00.73.00.389160
5
CVSSv2
CVE-2016-6148
SAP HANA DB 1.00.73.00.389160 allows remote malicious users to cause a denial of service (process termination) or execute arbitrary code via vectors related to an IMPORT statement, aka SAP Security Note 2233136.
Sap Hana 1.00.73.00.389160
2.1
CVSSv2
CVE-2016-3640
The Extended Application Services (aka XS or XS Engine) in SAP HANA DB 1.00.091.00.1418659308 allows local users to obtain sensitive password information via vectors related to passwords in Web Dispatcher trace files, aka SAP Security Note 2148905.
Sap Hana Db 1.00.091.00.14186593
5.5
CVSSv2
CVE-2020-26834
SAP HANA Database, version - 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication. It is possible to manipulate a valid existing SAML bearer token to authenticate as a user whose name is identical to the truncated username for ...
Sap Hana Database 2.00
5
CVSSv2
CVE-2016-3639
SAP HANA DB 1.00.091.00.1418659308 allows remote malicious users to obtain sensitive topology information via an unspecified HTTP request, aka SAP Security Note 2176128.
Sap Hana Db 1.00.091.00.1418659308
3.5
CVSSv2
CVE-2021-24302
The Hana Flv Player WordPress plugin up to and including 3.1.3 is vulnerable to an Authenticated Stored Cross-Site Scripting (XSS) vulnerability within the 'Default Skin' field.
Neox Hana Flv Player
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »