Lucene search
K

190 matches found

Positive Technologies
Positive Technologies
added 2021/06/09 12:0 a.m.7 views

PT-2021-17561 · Sap · Sap Internet Graphics Server

Name of the Vulnerable Software and Affected Versions: SAP Internet Graphics Service versions 7.20, 7.20EXT, 7.53, 7.20 EX2, 7.81 Description: The issue allows an unauthenticated attacker to submit a malicious request over a network after retrieving an existing system state value. This is due to...

5.9CVSS5.8AI score0.01208EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/06/09 12:0 a.m.23 views

CVE-2021-27625

SAP Internet Graphics Service, versions - 7.20,7.20EXT,7.53,7.20EX2,7.81, allows an unauthenticated attacker after retrieving an existing system state value can submit a malicious IGS request over a network which due to insufficient input validation in method IgsData::freeMemory which will trigge...

5.9CVSS6.2AI score0.01208EPSS
Exploits0References2
CVE
CVE
added 2021/06/09 12:0 a.m.49 views

CVE-2021-27622

SAP Internet Graphics Service (versions 7.20, 7.20EXT, 7.53, 7.20_EX2, 7.81) is affected by a memory corruption vulnerability in CDrawRaster::LoadImageFromMemory() that can be exploited unauthenticated over a network to crash the system, rendering it unavailable. The issue originates from insuffi...

5.9CVSS5.9AI score0.01208EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.5 views

SAP Internet Graphics Server 缓冲区错误漏洞

SAP Internet Graphics Service is a component of the SAP R/3 enterprise environment that provides graphics services. A memory corruption vulnerability exists in SAP Internet Graphics Service, which can be exploited by an unauthenticated attacker to cause a system crash by submitting a malicious IG...

5.9CVSS5.7AI score0.01208EPSS
Exploits0References7
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.8 views

SAP Internet Graphics Server 缓冲区错误漏洞

SAP Internet Graphics Service is a component of the SAP R/3 enterprise environment that provides graphics services. A memory corruption vulnerability exists in SAP Internet Graphics Service, which can be exploited by an unauthenticated attacker to cause a system crash by submitting a malicious IG...

5.9CVSS5.7AI score0.01208EPSS
Exploits0References7
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.5 views

SAP Internet Graphics Server 缓冲区错误漏洞

SAP Internet Graphics Service is a component of the SAP R/3 enterprise environment that provides graphics services. A memory corruption vulnerability exists in SAP Internet Graphics Service, which can be exploited by an unauthenticated attacker to cause a system crash by submitting a malicious IG...

5.9CVSS5.7AI score0.00863EPSS
Exploits0References4
CNNVD
CNNVD
added 2021/06/08 12:0 a.m.6 views

SAP Internet Graphics Service 缓冲区错误漏洞

SAP Internet Graphics Service is a component of the SAP R/3 enterprise environment that provides graphics services. A memory corruption vulnerability exists in SAP Internet Graphics Service that originates from an input validation error in CDrawRaster::LoadImageFromMemory. An unauthenticated...

5.9CVSS5.7AI score0.01208EPSS
Exploits0References7
Rapid7 Blog
Rapid7 Blog
added 2020/10/09 7:41 p.m.814 views

Metasploit Wrap-Up

SAP Internet Graphics Server IGS This week includes a new module targeting the SAP Internet Graphics Server application, contributed by community member Vladimir Ivanov. This particular module covers two CVEs that are both XML External Entity XXE bugs that are remotely exploitable. The module com...

9.3CVSS0.9AI score0.99965EPSS
Exploits107
NVD
NVD
added 2018/07/10 6:29 p.m.16 views

CVE-2018-2438

The SAP Internet Graphics Server IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, has several denial-of-service vulnerabilities that allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service...

7.5CVSS7.6AI score0.01969EPSS
Exploits0References3
OSV
OSV
added 2018/07/10 6:29 p.m.1 views

CVE-2018-2438

The SAP Internet Graphics Server IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, has several denial-of-service vulnerabilities that allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service...

7.5CVSS5.8AI score0.01969EPSS
Exploits0References3
NVD
NVD
added 2018/07/10 6:29 p.m.18 views

CVE-2018-2439

The SAP Internet Graphics Server IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, has insufficient request validation for example, where the request is validated for authenticity and validity and under certain conditions, will process invalid requests. Several areas of the SAP Internet Graphics Server IGS d...

5.9CVSS5.8AI score0.01556EPSS
Exploits0References3
NVD
NVD
added 2018/07/10 6:29 p.m.12 views

CVE-2018-2437

The SAP Internet Graphics Service IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: disclosure of information and malicious file insertion or modification...

9.1CVSS9.1AI score0.03298EPSS
Exploits0References3
OSV
OSV
added 2018/07/10 6:29 p.m.4 views

CVE-2018-2437

The SAP Internet Graphics Service IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: disclosure of information and malicious file insertion or modification...

9.1CVSS5.8AI score0.03298EPSS
Exploits0References3
Prion
Prion
added 2018/07/10 6:29 p.m.19 views

Design/Logic Flaw

The SAP Internet Graphics Service IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: disclosure of information and malicious file insertion or modification...

6.4CVSS8.9AI score0.03298EPSS
Exploits0References3Affected Software1
Prion
Prion
added 2018/07/10 6:29 p.m.18 views

Input validation

The SAP Internet Graphics Server IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, has insufficient request validation for example, where the request is validated for authenticity and validity and under certain conditions, will process invalid requests. Several areas of the SAP Internet Graphics Server IGS d...

4.3CVSS5.8AI score0.01556EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/07/10 6:0 p.m.16 views

CVE-2018-2438

The SAP Internet Graphics Server IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, has several denial-of-service vulnerabilities that allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service...

7.7AI score0.01969EPSS
Exploits0References3
Cvelist
Cvelist
added 2018/07/10 6:0 p.m.19 views

CVE-2018-2439

The SAP Internet Graphics Server IGS, 7.20, 7.20EXT, 7.45, 7.49, 7.53, has insufficient request validation for example, where the request is validated for authenticity and validity and under certain conditions, will process invalid requests. Several areas of the SAP Internet Graphics Server IGS d...

5.8AI score0.01556EPSS
Exploits0References3
CVE
CVE
added 2018/07/10 6:0 p.m.44 views

CVE-2018-2439

CVE-2018-2439 refers to the SAP Internet Graphics Server (IGS) affecting versions 7.20, 7.20EXT, 7.45, 7.49, 7.53. The issue is insufficient input validation in multiple IGS components (HTTP and RFC listener, portwatcher registration with the multiplexer, and the multiplexer itself), which can al...

5.9CVSS5.7AI score0.01556EPSS
Exploits0References3Affected Software1
CNVD
CNVD
added 2018/05/22 12:0 a.m.3 views

SAP Internet Graphics Server Arbitrary File Upload Vulnerability

SAP Internet Graphics Server IGS is a graphics server from SAP, Germany. The product is capable of generating graphs or charts in different areas. A security vulnerability exists in SAP IGS that stems from the program's failure to properly validate file formats. An attacker could exploit the...

9.8CVSS7AI score0.0158EPSS
Exploits0References1
CNVD
CNVD
added 2018/05/22 12:0 a.m.3 views

SAP Internet Graphics Server HTTP and RFC listener denial of service vulnerability

SAP Internet Graphics Server IGS is a graphics server from SAP, Germany. The product is able to generate graphs or charts in different areas.HTTP is one of the hypertext transfer protocols; RFC listener is one of the RFC listener. A security vulnerability exists in HTTP and RFC listener in SAP IG...

7.5CVSS6.3AI score0.02555EPSS
Exploits0References1
Rows per page
Query Builder