Lucene search
K

74 matches found

CNVD
CNVD
added 2019/02/15 12:0 a.m.2 views

Unspecified Vulnerability in SAP ABAP

SAP Netweaver is a set of service-oriented integrated application platform from SAP, which provides a development and runtime environment for SAP applications. The platform provides a development and runtime environment for SAP applications, and ABAP is an application server that runs in NetWeave...

8.8CVSS6.8AI score0.0139EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/01/28 12:0 a.m.8 views

The vulnerabilities of the software components—Knowledge Management Configuration Service, EPBC, and EPBC2 on the SAP NetWeaver platform—allow attackers to control the application.

The vulnerability of the software components—Knowledge Management Configuration Service, EPBC, and EPBC2 of the SAP NetWeaver platform—is related to insufficient testing of server-side requests. Exploiting this vulnerability allows a malicious actor to control the application using specially...

6.6CVSS5.7AI score0.0087EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2018/12/11 10:29 p.m.1 views

CVE-2018-2494

Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Platform...

8CVSS5.8AI score
Exploits0References2
CNVD
CNVD
added 2018/02/26 12:0 a.m.2 views

SAP NetWeaver Application Server ABAP Certificate Validation Security Bypass Vulnerability

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A security bypass vulnerability exists in SAP NetWeaver Application Server ABAP, which stems from the applicatio...

6.8AI score
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2017/09/28 12:0 a.m.6 views

The vulnerability of the “/com.sap.portal.design.datamigration.LogPortalComponent” component of the SAP NetWeaver software integration platform allows a hacker to inject any HTML tags into the page.

The vulnerability of the “/com.sap.portal.design.datamigration.LogPortalComponent” component of the SAP NetWeaver software integration platform exists due to the lack of measures taken to protect the structure of the web page. This vulnerability allows a malicious actor to inject arbitrary HTML...

5.5CVSS5.6AI score
Exploits0References1Affected Software1
CNVD
CNVD
added 2017/07/13 12:0 a.m.5 views

SAP NetWeaver Denial of Service Vulnerability (CNVD-2017-23560)

SAP NetWeaver is a service-oriented, integrated application platform from SAP that provides a development and runtime environment for SAP applications.SAP Netweaver AS ABAP is an application server that runs in NetWeaver and is based on the ABAP high-level programming language. A security...

4CVSS6AI score0.02255EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2017/06/02 12:0 a.m.7 views

The vulnerability of the SAPSTARTSRV service, a software integration platform of SAP NetWeaver, allows a perpetrator to trigger a service failure.

The vulnerability of the SAPSTARTSRV service of the SAP NetWeaver software integration platform is caused by a buffer overflow on the stack. Exploiting this vulnerability allows an attacker, operating remotely, to cause a service failure using a specially crafted package...

7.5CVSS8.2AI score0.02231EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2017/05/24 12:0 a.m.1 views

SAP NetWeaver XML External Entity Injection Vulnerability

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. An XML external entity injection vulnerability exists in SAP Netweaver. An attacker could exploit this...

7.3AI score
Exploits0References1
CNVD
CNVD
added 2017/03/16 12:0 a.m.1 views

SAP NetWeaver Information Disclosure Vulnerability (CNVD-2017-03609)

SAP NetWeaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. An information disclosure vulnerability exists in SAP NetWeaver. An attacker could exploit this vulnerability to...

6.1AI score
Exploits0References1
CNVD
CNVD
added 2016/09/03 12:0 a.m.5 views

SAP TREX Remote Command Execution Vulnerability

SAP TREX is a search engine from SAP for the SAP NetWeaver integrated technology platform. A remote command execution vulnerability exists in version 7.10 of SAP TREX that could be exploited by an attacker to execute arbitrary code in the context of an affected application...

10CVSS7.8AI score0.04679EPSS
Exploits0References1
CNVD
CNVD
added 2016/07/29 12:0 a.m.7 views

SAP TREX Arbitrary File Read Vulnerability

SAP TREX is a search engine from SAP for the SAP NetWeaver integrated technology platform. An arbitrary file read vulnerability exists in SAP TREX, which can be exploited by a remote attacker to read arbitrary files in an affected application where the user resides...

9.8CVSS6.8AI score0.04154EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2016/04/25 12:0 a.m.7 views

The vulnerability of the SAP NetWeaver software integration platform allows attackers to obtain confidential information, enhance their privileges, or carry out other malicious actions.

The vulnerability of the XML Data Archiving Service component of the SAP NetWeaver software integration platform is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to obtain confidential information, enhance their privileges, or cause other adverse...

6.5CVSS7.6AI score0.01315EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2016/03/02 12:0 a.m.6 views

The vulnerability of the SAP NetWeaver software integration platform allows a hacker to execute arbitrary SQL commands.

The vulnerability of the UDDI server component of the SAP NetWeaver software integration platform is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL commands remotely...

7.5CVSS7.1AI score0.7106EPSS
Exploits8References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2015/06/30 12:0 a.m.6 views

The vulnerability of the SAP NetWeaver software integration platform allows a hacker to obtain information about the integration platform and the operating system.

The vulnerability of the SAP NetWeaver integration platform exists due to the lack of restrictions on remote invocation of the GetSystemInstanceList function. Exploiting this vulnerability allows a malicious actor to obtain information about the integration platform and the operating system throu...

5CVSS5.5AI score0.02395EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder