Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap sap db vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2006-4305
Buffer overflow in SAP DB and MaxDB prior to 7.6.00.30 allows remote malicious users to execute arbitrary code via a long database name when connecting via a WebDBM client.
Mysql Maxdb
Sap-db Sap-db
1 EDB exploit
7.5
CVSSv2
CVE-2016-6143
SAP HANA DB 1.00.73.00.389160 allows remote malicious users to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806.
Sap Hana 1.00.73.00.389160
7.5
CVSSv2
CVE-2015-7993
The Extended Application Services (aka XS or XS Engine) in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote malicious users to execute arbitrary code via unspecified vectors related to "HTTP Login," aka SAP Security Note 2197397.
Sap Hana 1.00.73.00.389160
7.5
CVSSv2
CVE-2015-7994
The SQL interface in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote malicious users to execute arbitrary code via unspecified vectors related to "SQL Login," aka SAP Security Note 2197428.
Sap Hana 1.00.73.00.389160
7.5
CVSSv2
CVE-2007-3614
Multiple stack-based buffer overflows in waHTTP.exe (aka the SAP DB Web Server) in SAP DB, possibly 7.3 up to and including 7.5, allow remote malicious users to execute arbitrary code via (1) a certain cookie value; (2) a certain additional parameter, related to sapdbwa_GetQueryS...
Sap Sap Db 7.4.03.30
Sap Sap Db 7.4.3
Sap Sap Db 7.4
Sap Sap Db 7.4.03.29
Sap Sap Db 7.4.3.7 Beta
Sap Sap Db 7.5
Sap Sap Db 7.3.00
Sap Sap Db 7.3.29
3 EDB exploits
7.5
CVSSv2
CVE-2003-0939
eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and previous versions may allow remote malicious users to execute arbitrary code via a connect packet with a 256 byte segment to the niserver (aka serv.exe) process on TCP port 7269, which prevents ...
Sap Sap Db
7.5
CVSSv2
CVE-2003-0942
Buffer overflow in Web Agent Administration service in web-tools for SAP DB prior to 7.4.03.30 allows remote malicious users to execute arbitrary code via a long Name parameter to waadmin.wa.
Sap Sap Db
7.5
CVSSv2
CVE-2003-0943
web-tools in SAP DB prior to 7.4.03.30 installs several services that are enabled by default, which could allow remote malicious users to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3)...
Sap Sap Db
7.5
CVSSv2
CVE-2003-0941
web-tools in SAP DB prior to 7.4.03.30 allows remote malicious users to access the Web Agent Administration pages and modify configuration via a direct request to waadmin.wa.
Sap Sap Db
7.5
CVSSv2
CVE-2003-0944
Buffer overflow in the WAECHO default service in web-tools in SAP DB prior to 7.4.03.30 allows remote malicious users to execute arbitrary code via a URL with a long requestURI.
Sap Sap Db
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »