Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
erpscan vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2018-2943
Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware (subcomponent: Map Builder). Supported versions that are affected are 12.2.1.2.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via ...
Oracle Fusion Middleware Mapviewer 12.2.1.3.0
Oracle Fusion Middleware Mapviewer 12.2.1.2.0
1 Article
9.8
CVSSv3
CVE-2018-2894
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services). Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via...
Oracle Weblogic Server 12.2.1.2.0
Oracle Weblogic Server 12.2.1.3
Oracle Weblogic Server 12.1.3.0.0
Oracle Weblogic Server 10.3.6.0.0
8 Github repositories
1 Article
NA
CVE-2015-7986
The index server (hdbindexserver) in SAP HANA 1.00.095 allows remote malicious users to execute arbitrary code or cause a denial of service (memory corruption) via an HTTP request, aka SAP Security Note 2197428.
Sap Hana
1 EDB exploit
9.1
CVSSv3
CVE-2016-3974
XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 up to and including 7.5 allows remote malicious users to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to _tc~monitoring~we...
Sap Netweaver Application Server Java
1 EDB exploit
7.5
CVSSv3
CVE-2016-3976
Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 up to and including 7.5 allows remote malicious users to read arbitrary files via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971.
Sap Netweaver Application Server Java
1 EDB exploit
1 Article
6.5
CVSSv3
CVE-2017-3546
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: MultiChannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network...
Oracle Peoplesoft Enterprise Peopletools 8.55
Oracle Peoplesoft Enterprise Peopletools 8.54
1 EDB exploit
9.1
CVSSv3
CVE-2017-3549
Vulnerability in the Oracle Scripting component of Oracle E-Business Suite (subcomponent: Scripting Administration). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthentic...
Oracle Scripting 12.2.3
Oracle Scripting 12.2.6
Oracle Scripting 12.1.2
Oracle Scripting 12.1.1
Oracle Scripting 12.2.4
Oracle Scripting 12.2.5
Oracle Scripting 12.1.3
1 EDB exploit
7.5
CVSSv3
CVE-2016-2389
Directory traversal vulnerability in the GetFileList function in the SAP Manufacturing Integration and Intelligence (xMII) component 15.0 for SAP NetWeaver 7.4 allows remote malicious users to read arbitrary files via a .. (dot dot) in the Path parameter to /Catalog, aka SAP Secu...
Sap Netweaver 7.40
1 EDB exploit
6.5
CVSSv3
CVE-2017-3548
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions that are affected are 8.54 and 8.55. Easily "exploitable" vulnerability allows unauthenticated attacker with network acc...
Oracle Peoplesoft Enterprise Peopletools 8.55
Oracle Peoplesoft Enterprise Peopletools 8.54
2 EDB exploits
9.8
CVSSv3
CVE-2016-2386
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.
Sap Netweaver Application Server Java 7.40
2 EDB exploits
2 Github repositories
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3661
open redirect
CVE-2024-25512
CVE-2024-33788
command injection
SSTI
CVE-2024-0043
CVE-2024-29210
CVE-2024-25510
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »