Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
businessobjects vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2015-7730
SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote malicious users to cause a denial of service (out-of-bounds read and listener crash) via a crafted GIOP packet, aka SAP Security Note 2001108.
Sap Businessobjects 4.1
Sap Businessobjects Xi 3.1
Sap Businessobjects Xi R3
Sap Businessobjects Edge 4.0
10
CVSSv2
CVE-2014-9387
SAP BusinessObjects Edge 4.1 allows remote malicious users to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and gain privileges via a crafted CORBA call, aka SAP Note 2039905.
Sap Businessobjects 4.1
10
CVSSv2
CVE-2010-0219
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote malicious users to execute arbitrary code by uploading a crafted web s...
Apache Axis2 1.3
Apache Axis2 1.4
Apache Axis2 1.5.2
Apache Axis2 1.6
Apache Axis2 1.5
Apache Axis2 1.4.1
Apache Axis2 1.5.1
Sap Businessobjects 3.2
3 EDB exploits
1 Github repository
9.3
CVSSv2
CVE-2014-9320
SAP BusinessObjects Edge 4.1 allows remote malicious users to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and consequently gain SYSTEM privileges via vectors involving CORBA calls, aka SAP Note 2039905.
Sap Businessobjects Edge 4.1
9.3
CVSSv2
CVE-2007-6254
Stack-based buffer overflow in the SAP Business Objects BusinessObjects RptViewerAX ActiveX control in RptViewerAX.dll in Business Objects 6.5 before CHF74 allows remote malicious users to execute arbitrary code via unspecified vectors.
Sap Business Objects
9.3
CVSSv2
CVE-2008-0379
Race condition in the Enterprise Tree ActiveX control (EnterpriseControls.dll 11.5.0.313) in Crystal Reports XI Release 2 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via the SelectedSession method, which triggers a buffer...
Businessobjects Crystal Reports Xi R2
1 EDB exploit
9
CVSSv2
CVE-2010-3983
CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Program Login property.
Sap Businessobjects 3.2
7.6
CVSSv2
CVE-2006-6133
Stack-based buffer overflow in Visual Studio Crystal Reports for Microsoft Visual Studio .NET 2002 and 2002 SP1, .NET 2003 and 2003 SP1, and 2005 and 2005 SP1 (formerly Business Objects Crystal Reports XI Professional) allows user-assisted remote malicious users to execute arbitr...
Microsoft Visual Studio .net 2005
Businessobjects Crystal Reports Xi
Microsoft Visual Studio .net 2002
Microsoft Visual Studio .net 2003
1 EDB exploit
7.5
CVSSv2
CVE-2020-6242
SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.1, 2.2, 2.3, allows an malicious user to logon on the Central Management Console without password in case of the BIPRWS application server was not protected with some specific certificat...
Sap Businessobjects Business Intelligence Platform 1.0
Sap Businessobjects Business Intelligence Platform 2.0
Sap Businessobjects Business Intelligence Platform 2.1
Sap Businessobjects Business Intelligence Platform 2.2
Sap Businessobjects Business Intelligence Platform 2.3
1 Article
7.5
CVSSv2
CVE-2019-0259
SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an malicious user to upload any file (including script files) without proper file format validation.
Sap Businessobjects 4.3
Sap Businessobjects 4.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »