Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-29186
In SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient (administrative) privileges then potentially...
Sap Netweaver 707
Sap Netweaver 737
Sap Netweaver 747
Sap Netweaver 757
1000
VMScore
CVE-2013-1592
A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remot...
Sap Netweaver 2004s
Sap Netweaver 7.01
Sap Netweaver 7.02
Sap Netweaver 7.30
1 EDB exploit
446
VMScore
CVE-2013-1593
A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN.
Sap Netweaver 2004s
Sap Netweaver 7.01
Sap Netweaver 7.02
Sap Netweaver 7.30
578
VMScore
CVE-2018-2477
Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, 7.40 and 7.50 does not sufficiently validate an XML document accepted from an untrusted source.
Sap Netweaver 7.30
Sap Netweaver 7.31
Sap Netweaver 7.40
Sap Netweaver 7.50
448
VMScore
CVE-2016-4015
The Enqueue Server in SAP NetWeaver JAVA AS 7.1 up to and including 7.4 allows remote malicious users to cause a denial of service (process crash) via a crafted request, aka SAP Security Note 2258784.
Sap Netweaver 7.1
Sap Netweaver 7.2
Sap Netweaver 7.3
Sap Netweaver 7.4
801
VMScore
CVE-2021-38163
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and trigger its processing, which is capable of running operating system commands with ...
Sap Netweaver 7.30
Sap Netweaver 7.31
Sap Netweaver 7.40
Sap Netweaver 7.50
1 Github repository
1 Article
383
VMScore
CVE-2021-38183
SAP NetWeaver - versions 700, 701, 702, 730, does not sufficiently encode user-controlled inputs, allowing an malicious user to cause a potential victim to supply a malicious content to a vulnerable web application, which is then reflected to the victim and executed by the web br...
Sap Netweaver 701
Sap Netweaver 702
Sap Netweaver 730
Sap Netweaver 700
383
VMScore
CVE-2019-0248
Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7.5, 7.51, 7.52, 7.53; SAP_BASIS 7.5) allows an malicious user to access information which would otherwise be restricted.
Sap Netweaver 7.5
Sap Netweaver 7.53
Sap Netweaver 7.52
Sap Netweaver 7.51
Sap Basis 7.5
1 Article
578
VMScore
CVE-2022-29611
SAP NetWeaver Application Server for ABAP and ABAP Platform do not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
Sap Netweaver Application Server Abap 702
Sap Netweaver Application Server Abap 750
Sap Netweaver Application Server Abap 752
Sap Netweaver Application Server Abap 753
Sap Netweaver Application Server Abap 754
Sap Netweaver Application Server Abap 755
Sap Netweaver Application Server Abap 756
Sap Netweaver Application Server Abap 700
Sap Netweaver Application Server Abap 710
Sap Netweaver Application Server Abap 730
Sap Netweaver Application Server Abap 731
Sap Netweaver Application Server Abap 711
Sap Netweaver Application Server Abap 740
Sap Netweaver Application Server Abap 751
Sap Netweaver Application Server Abap 701
Sap Netweaver Application Server Abap 787
Sap Netweaver Application Server Abap 788
445
VMScore
CVE-2022-29616
SAP Host Agent, SAP NetWeaver and ABAP Platform allow an malicious user to leverage logical errors in memory management to cause a memory corruption.
Sap Netweaver As Abap Krnl64uc 8.04
Sap Netweaver As Abap Krnl64uc 7.22ext
Sap Netweaver As Abap Krnl64uc 7.49
Sap Netweaver As Abap Krnl64uc 7.53
Sap Netweaver As Abap Krnl64uc 7.22
Sap Netweaver As Abap Kernel 7.22
Sap Netweaver As Abap Kernel 8.04
Sap Netweaver As Abap Kernel 7.49
Sap Netweaver As Abap Kernel 7.53
Sap Netweaver As Abap Kernel 7.77
Sap Netweaver As Abap Kernel 7.81
Sap Netweaver As Abap Kernel 7.85
Sap Netweaver As Abap Kernel 7.86
Sap Netweaver As Abap Kernel 7.87
Sap Netweaver As Abap Krnl64nuc 7.22ext
Sap Netweaver As Abap Krnl64nuc 7.49
Sap Netweaver As Abap Krnl64nuc 7.22
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »