Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2007-3624
Heap-based buffer overflow in the Message HTTP Server in SAP Message Server allows remote malicious users to execute arbitrary code via a long string in the group parameter to /msgserver/html/group.
Sap Sap Message Server
1 EDB exploit
10
CVSSv2
CVE-2007-1917
Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC Library 6.40 and 7.00 prior to 20061211 allows remote malicious users to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated ...
Sap Rfc Library 7.0
Sap Rfc Library 6.4
10
CVSSv2
CVE-2007-1916
Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 prior to 20061211 allows remote malicious users to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the...
Sap Rfc Library 6.4
Sap Rfc Library 7.0
10
CVSSv2
CVE-2006-6346
Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 15 and previous versions, and 7.00 Patchlevel 3 and previous versions, allows remote malicious users to cause a denial of service (service shutdown), obtain sensitive information (configuration files...
Sap Internet Graphics Server
10
CVSSv2
CVE-2006-4305
Buffer overflow in SAP DB and MaxDB prior to 7.6.00.30 allows remote malicious users to execute arbitrary code via a long database name when connecting via a WebDBM client.
Mysql Maxdb
Sap-db Sap-db
1 EDB exploit
10
CVSSv2
CVE-2006-2547
Unspecified vulnerability in the sapdba command in SAP with Informix prior to 700, and 700 up to patch 100, allows local users to execute arbitrary commands via unknown vectors related to "insecure environment variable" handling.
Sap Sapdba
9.4
CVSSv2
CVE-2015-8753
SAP Afaria 7.0.6001.5 allows remote malicious users to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to "Insecure signature," aka SAP Security Note 2134905.
Sap Afaria 7.0.6001.5
9.3
CVSSv2
CVE-2021-38180
SAP Business One - version 10.0, allows an malicious user to inject formulas when exporting data to Excel (CSV injection) due to improper sanitation during the data export. An attacker could thereby execute arbitrary commands on the victim's computer but only if the victim a...
Sap Business One 10.0
9.3
CVSSv2
CVE-2021-33672
Due to missing encoding in SAP Contact Center's Communication Desktop component- version 700, an attacker could send malicious script in chat message. When the message is accepted by the chat recipient, the script gets executed in their scope. Due to the usage of ActiveX in ...
Sap Contact Center 700
9.3
CVSSv2
CVE-2014-9320
SAP BusinessObjects Edge 4.1 allows remote malicious users to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and consequently gain SYSTEM privileges via vectors involving CORBA calls, aka SAP Note 2039905.
Sap Businessobjects Edge 4.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »