Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vahagn vardanyan vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2017-10366
Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Performance Monitor). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network acces...
Oracle Peoplesoft Enterprise Peopletools 8.55
Oracle Peoplesoft Enterprise Peopletools 8.54
Oracle Peoplesoft Enterprise Peopletools 8.56
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2016-2386
SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote malicious users to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079.
Sap Netweaver Application Server Java 7.40
2 EDB exploits
2 Github repositories
1 Article
9.1
CVSSv3
CVE-2016-3974
XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 up to and including 7.5 allows remote malicious users to cause a denial of service, conduct SMB Relay attacks, or access arbitrary files via a crafted XML request to _tc~monitoring~we...
Sap Netweaver Application Server Java
1 EDB exploit
8.6
CVSSv3
CVE-2016-4014
XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote malicious users to cause a denial of service (system hang) via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389.
Sap Netweaver 7.4
1 Github repository
7.5
CVSSv3
CVE-2016-3976
Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 up to and including 7.5 allows remote malicious users to read arbitrary files via a ..\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971.
Sap Netweaver Application Server Java
1 EDB exploit
1 Article
7.2
CVSSv3
CVE-2019-2616
Vulnerability in the BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware (subcomponent: BI Publisher Security). Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker...
Oracle Business Intelligence Publisher 11.1.1.9.0
Oracle Business Intelligence Publisher 12.2.1.4.0
Oracle Business Intelligence Publisher 12.2.1.3.0
1 EDB exploit
6.6
CVSSv3
CVE-2018-2380
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an malicious user to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
Sap Customer Relationship Management 7.33
Sap Customer Relationship Management 7.01
Sap Customer Relationship Management 7.02
Sap Customer Relationship Management 7.30
Sap Customer Relationship Management 7.31
Sap Customer Relationship Management 7.54
1 EDB exploit
1 Github repository
1 Article
6.1
CVSSv3
CVE-2017-3300
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Multichannel Framework). Supported versions that are affected are 8.54 and 8.55. Easily exploitable vulnerability allows unauthenticated attacker with network access via ...
Oracle Peoplesoft Enterprise Peopletools 8.54
Oracle Peoplesoft Enterprise Peopletools 8.55
6.1
CVSSv3
CVE-2016-4016
Cross-site scripting (XSS) vulnerability in SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) 15 allows remote malicious users to inject arbitrary web script or HTML via the title parameter to webdynpro/resources/sap.com/xapps~xmii~ui~admin~navigation/Naviga...
Sap Java As 7.4
6.1
CVSSv3
CVE-2016-3975
Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 up to and including 7.5 allows remote malicious users to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/portal/prteventname/XXX/prtroot/com.sapportals.navigation.testC...
Sap Netweaver Application Server Java
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »