Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
sap crystal reports - vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2010-3032
Integer overflow in the OBGIOPServerWorker::extractHeader function in the ebus-3-3-2-6.dll module in SAP Crystal Reports 2008 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a GIOP packet with a crafted size, which trigge...
Sap Crystal Reports 2008
10
CVSSv2
CVE-2009-3345
Heap-based buffer overflow in SAP Crystal Reports Server 2008 has unknown impact and attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.3 up to and including 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, beca...
Sap Crystal Reports Server 2008
10
CVSSv2
CVE-2009-3346
Unspecified vulnerability in SAP Crystal Reports Server 2008 allows remote malicious users to execute arbitrary code via unknown vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.3 up to and including 8.11. NOTE: as of 20090917, this disclosure has no ...
Sap Crystal Reports Server 2008
9.3
CVSSv2
CVE-2010-2590
Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl.1 ActiveX control in PrintControl.dll 12.3.2.753 in SAP Crystal Reports 2008 SP3 Fix Pack 3.2 allows remote malicious users to execute arbitrary code via a long ServerResourceVersion property value.
Sap Crystal Reports 2008
2 EDB exploits
6.8
CVSSv2
CVE-2014-5505
Stack-based buffer overflow in SAP Crystal Reports allows remote malicious users to execute arbitrary code via a crafted data source string in an RPT file.
Sap Crystal Reports -
6.8
CVSSv2
CVE-2014-5506
Double free vulnerability in SAP Crystal Reports allows remote malicious users to execute arbitrary code via crafted connection string record in an RPT file.
Sap Crystal Reports -
6.5
CVSSv2
CVE-2020-6219
SAP Business Objects Business Intelligence Platform (CrystalReports WebForm Viewer), versions 4.1, 4.2, and Crystal Reports for VS version 2010, allows an attacker with basic authorization to perform deserialization attack in the application, leading to service interruptions and ...
Sap Businessobjects Business Intelligence Platform 4.1
Sap Businessobjects Business Intelligence Platform 4.2
Sap Crystal Reports For Visual Studio 2010
1 Article
6.5
CVSSv2
CVE-2018-2427
SAP BusinessObjects Business Intelligence Suite, versions 4.10 and 4.20, and SAP Crystal Reports (version for Visual Studio .NET, Version 2010) allows an malicious user to inject code that can be executed by the application. An attacker could thereby control the behaviour of the ...
Sap Crystal Reports -
Sap Businessobjects Business Intelligence 4.20
Sap Businessobjects Business Intelligence 4.10
5
CVSSv2
CVE-2021-40500
SAP BusinessObjects Business Intelligence Platform (Crystal Reports) - versions 420, 430, allows an unauthenticated malicious user to exploit missing XML validations at endpoints to read sensitive data. These endpoints are normally exposed over the network and successful exploita...
Sap Businessobjects Business Intelligence Platform 4.20
Sap Businessobjects Business Intelligence Platform 4.30
5
CVSSv2
CVE-2019-0285
The .NET SDK WebForm Viewer in SAP Crystal Reports for Visual Studio (fixed in version 2010) discloses sensitive database information including credentials which can be misused by the attacker.
Sap Crystal Reports 2010
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »