Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap netweaver application server java 7.50 vulnerabilities and exploits
(subscribe to this query)
446
VMScore
CVE-2017-12637
Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote malicious users to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Sec...
Sap Netweaver Application Server Java 7.50
357
VMScore
CVE-2016-10304
The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java object, as demonstrated by serial.cc3, aka SAP Security Note 2315788.
Sap Netweaver Application Server Java 7.50
NA
CVE-2022-41262
Due to insufficient input validation, SAP NetWeaver AS Java (HTTP Provider Service) - version 7.50, allows an unauthenticated malicious user to inject a script into a web request header. On successful exploitation, an attacker can view or modify information causing a limited impa...
Sap Netweaver Application Server Java 7.50
NA
CVE-2023-31405
SAP NetWeaver AS for Java - versions ENGINEAPI 7.50, SERVERCORE 7.50, J2EE-APPS 7.50, allows an unauthenticated malicious user to craft a request over the network which can result in unwarranted modifications to a system log without user interaction. There is no ability to view a...
Sap Netweaver Application Server For Java 7.50
NA
CVE-2023-30744
In SAP AS NetWeaver JAVA - versions SERVERCORE 7.50, J2EE-FRMW 7.50, CORE-TOOLS 7.50, an unauthenticated attacker can attach to an open interface and make use of an open naming and directory API to instantiate an object which has methods which can be called without further author...
Sap Netweaver Application Server For Java 7.50
NA
CVE-2023-26460
Cache Management Service in SAP NetWeaver Application Server for Java - version 7.50, does not perform any authentication checks for functionalities that require user identity
Sap Netweaver Application Server For Java 7.50
NA
CVE-2023-27268
SAP NetWeaver AS Java (Object Analyzing Service) - version 7.50, does not perform necessary authorization checks, allowing an unauthenticated malicious user to attach to an open interface and make use of an open naming and directory API to access a service which will enable them ...
Sap Netweaver Application Server For Java 7.50
NA
CVE-2023-0017
An unauthenticated attacker in SAP NetWeaver AS for Java - version 7.50, due to improper access control, can attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and da...
Sap Netweaver Application Server For Java 7.50
NA
CVE-2023-23857
Due to missing authentication check, SAP NetWeaver AS for Java - version 7.50, allows an unauthenticated malicious user to attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affectin...
Sap Netweaver Application Server For Java 7.50
1 Article
445
VMScore
CVE-2022-27669
An unauthenticated user can use functions of XML Data Archiving Service of SAP NetWeaver Application Server for Java - version 7.50, to which access should be restricted. This may result in an escalation of privileges.
Sap Netweaver Application Server For Java 7.50
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »