Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap maxdb vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2010-1185
Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 up to and including 7.6.06 allows remote malicious users to execute arbitrary code via an invalid length parameter in a handshake packet to TCP port 7210. NOTE: some of these details are obtained from thi...
Sap Maxdb 7.6.06
Sap Maxdb 7.6.0.37
Sap Maxdb 7.4.3.32
1 EDB exploit
7.2
CVSSv3
CVE-2018-2450
SAP MaxDB (liveCache), versions 7.8 and 7.9, allows an attacker who gets DBM operator privileges to execute crafted database queries and therefore read, modify or delete sensitive data from database.
Sap Maxdb 7.9
Sap Maxdb 7.8
NA
CVE-2008-0244
SAP MaxDB 7.6.03 build 007 and previous versions allows remote malicious users to execute arbitrary commands via "&&" and other shell metacharacters in exec_sdbinfo and other unspecified commands, which are executed when MaxDB invokes cons.exe.
Sap Maxdb
1 EDB exploit
1 Github repository
NA
CVE-2015-2282
Stack-based buffer overflow in the LZC decompression implementation (CsObjectInt::CsDecomprLZC function in vpa106cslzc.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and ot...
Sap Maxdb 7.6
Sap Netweaver Abap Application Server -
Sap Gui -
Sap Rfc Library
Sap Maxdb 7.5
Sap Netweaver Java Application Server -
Sap Netweaver Rfc Sdk -
1 Article
NA
CVE-2015-2278
The LZH decompression implementation (CsObjectInt::BuildHufTree function in vpa108csulzh.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver RFC SDK, GUI, RFC SDK, SAPCAR archive tool, and other products allows context-de...
Sap Maxdb 7.5
Sap Netweaver Java Application Server -
Sap Netweaver Rfc Sdk -
Sap Gui -
Sap Rfc Library
Sap Maxdb 7.6
Sap Netweaver Abap Application Server -
1 Article
NA
CVE-2006-4305
Buffer overflow in SAP DB and MaxDB prior to 7.6.00.30 allows remote malicious users to execute arbitrary code via a long database name when connecting via a WebDBM client.
Mysql Maxdb
Sap-db Sap-db
1 EDB exploit
NA
CVE-2008-1810
Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 on Linux allows local users to gain privileges via a modified PATH environment variable.
Sap Maxdb 7.6.03.15
NA
CVE-2008-0306
sdbstarter in SAP MaxDB 7.6.0.37, and possibly other versions, allows local users to execute arbitrary commands by using unspecified environment variables to modify configuration settings.
Sap Maxdb 7.6.0.37
NA
CVE-2008-0307
Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote malicious users to execute arbitrary code via unknown vectors that trigger heap corruption.
Sap Maxdb 7.6.0.37
9.8
CVSSv3
CVE-2018-2418
SAP MaxDB ODBC driver (all versions prior to 7.9.09.07) allows an malicious user to inject code that can be executed by the application. An attacker could thereby control the behavior of the application.
Sap Maxdb Odbc Driver
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »