Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-6950
SAP GUI 7.2 up to and including 7.5 allows remote malicious users to bypass intended security policy restrictions and execute arbitrary code via a crafted ABAP code, aka SAP Security Note 2407616.
Sap Gui For Windows 7.30
Sap Gui For Windows 7.40 Core Sp00-sp011
Sap Gui For Windows 7.50 Core Sp000
Sap Gui For Windows 7.20
9.8
CVSSv3
CVE-2016-7402
SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa (system administrator) via dbcc import_sproc SQL injection.
Sybase Adaptive Server Enterprise
9.8
CVSSv3
CVE-2016-6137
An unspecified function in SAP TREX 7.10 Revision 63 allows remote malicious users to execute arbitrary OS commands via unknown vectors, aka SAP Security Note 2203591.
Sap Trex 7.10
9.8
CVSSv3
CVE-2016-6150
The multi-tenant database container feature in SAP HANA does not properly encrypt communications, which allows remote malicious users to bypass intended access restrictions and possibly have unspecified other impact via unknown vectors, aka SAP Security Note 2233550.
Sap Hana -
9.8
CVSSv3
CVE-2016-6138
Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote malicious users to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.
Sap Trex 7.10
9.8
CVSSv3
CVE-2016-6147
An unspecified interface in SAP TREX 7.10 Revision 63 allows remote malicious users to execute arbitrary OS commands with SIDadm privileges via unspecified vectors, aka SAP Security Note 2234226.
Sap Trex 7.10
9.8
CVSSv3
CVE-2016-6139
SAP TREX 7.10 Revision 63 allows remote malicious users to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.
Sap Trex 7.10
9.8
CVSSv3
CVE-2016-6140
SAP TREX 7.10 Revision 63 allows remote malicious users to write to arbitrary files via vectors related to RFC-Gateway, aka SAP Security Note 2203591.
Sap Trex 7.10
9.8
CVSSv3
CVE-2016-2386
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.
Sap Netweaver Application Server Java 7.40
2 EDB exploits
2 Github repositories
1 Article
9.8
CVSSv3
CVE-2016-1928
Buffer overflow in the XS engine (hdbxsengine) in SAP HANA allows remote malicious users to cause a denial of service or execute arbitrary code via a crafted HTTP request, related to JSON, aka SAP Security Note 2241978.
Sap Hana -
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »