74 matches found
Unspecified Vulnerability in SAP ABAP
SAP Netweaver is a set of service-oriented integrated application platform from SAP, which provides a development and runtime environment for SAP applications. The platform provides a development and runtime environment for SAP applications, and ABAP is an application server that runs in NetWeave...
The vulnerabilities of the software components—Knowledge Management Configuration Service, EPBC, and EPBC2 on the SAP NetWeaver platform—allow attackers to control the application.
The vulnerability of the software components—Knowledge Management Configuration Service, EPBC, and EPBC2 of the SAP NetWeaver platform—is related to insufficient testing of server-side requests. Exploiting this vulnerability allows a malicious actor to control the application using specially...
CVE-2018-2494
Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Platform...
SAP NetWeaver Application Server ABAP Certificate Validation Security Bypass Vulnerability
SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A security bypass vulnerability exists in SAP NetWeaver Application Server ABAP, which stems from the applicatio...
The vulnerability of the “/com.sap.portal.design.datamigration.LogPortalComponent” component of the SAP NetWeaver software integration platform allows a hacker to inject any HTML tags into the page.
The vulnerability of the “/com.sap.portal.design.datamigration.LogPortalComponent” component of the SAP NetWeaver software integration platform exists due to the lack of measures taken to protect the structure of the web page. This vulnerability allows a malicious actor to inject arbitrary HTML...
SAP NetWeaver Denial of Service Vulnerability (CNVD-2017-23560)
SAP NetWeaver is a service-oriented, integrated application platform from SAP that provides a development and runtime environment for SAP applications.SAP Netweaver AS ABAP is an application server that runs in NetWeaver and is based on the ABAP high-level programming language. A security...
The vulnerability of the SAPSTARTSRV service, a software integration platform of SAP NetWeaver, allows a perpetrator to trigger a service failure.
The vulnerability of the SAPSTARTSRV service of the SAP NetWeaver software integration platform is caused by a buffer overflow on the stack. Exploiting this vulnerability allows an attacker, operating remotely, to cause a service failure using a specially crafted package...
SAP NetWeaver XML External Entity Injection Vulnerability
SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. An XML external entity injection vulnerability exists in SAP Netweaver. An attacker could exploit this...
SAP NetWeaver Information Disclosure Vulnerability (CNVD-2017-03609)
SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. An information disclosure vulnerability exists in SAP NetWeaver. An attacker could exploit this vulnerability to...
SAP TREX Remote Command Execution Vulnerability
SAP TREX is a search engine from SAP for the SAP NetWeaver integrated technology platform. A remote command execution vulnerability exists in version 7.10 of SAP TREX that could be exploited by an attacker to execute arbitrary code in the context of an affected application...
SAP TREX Arbitrary File Read Vulnerability
SAP TREX is a search engine from SAP for the SAP NetWeaver integrated technology platform. An arbitrary file read vulnerability exists in SAP TREX, which can be exploited by a remote attacker to read arbitrary files in an affected application where the user resides...
The vulnerability of the SAP NetWeaver software integration platform allows attackers to obtain confidential information, enhance their privileges, or carry out other malicious actions.
The vulnerability of the XML Data Archiving Service component of the SAP NetWeaver software integration platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to obtain confidential information, enhance their privileges, or cause other adverse...
The vulnerability of the SAP NetWeaver software integration platform allows a hacker to execute arbitrary SQL commands.
The vulnerability of the UDDI server component of the SAP NetWeaver software integration platform is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...
The vulnerability of the SAP NetWeaver software integration platform allows a hacker to obtain information about the integration platform and the operating system.
The vulnerability of the SAP NetWeaver integration platform exists due to the lack of restrictions on remote invocation of the GetSystemInstanceList function. Exploiting this vulnerability allows a malicious actor to obtain information about the integration platform and the operating system throu...