639 matches found
Security Bulletin: Vulnerability in InstallAnywhere affects IBM Content Collector for SAP Applications on Microsoft Windows (CVE-2016-4560)
Summary IBM Content Collector for SAP Applications on Microsoft Windows is affected by a vulnerability caused by InstallAnywhere. Vulnerability Details CVEID: CVE-2016-4560 DESCRIPTION: Flexera InstallAnywhere could allow a local attacker to gain elevated privileges on the system, caused by an...
Security Bulletin: Vulnerabilities in GSKit affect IBM Content Collector for SAP Applications (CVE-2015-7421, CVE-2015-7420)
Summary Vulnerabilities were discovered in GSKit. IBM Content Collector for SAP Applications uses GSKit and addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-7421 DESCRIPTION: A vulnerability in GSKit could allow a remote attacker to obtain sensitive information. The internal I...
Security Bulletin: Multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6 and 7 affect IBM Content Collector for SAP Applications (CVE-2015-4872, CVE-2015-7575)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6 and 7 that is used by IBM Content Collector for SAP Applications. These issues were disclosed as part of the IBM Java SDK updates in October 2015 and January 2016 and include the...
Security Bulletin: Multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6 and 7 affect IBM Content Collector for SAP Applications (CVE-2015-2613, CVE-2015-2601, CVE-2015-2625, CVE-2015-1931)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Versions 6 and 7 that is used by IBM Content Collector for SAP Applications. These issues were disclosed as part of the IBM Java SDK updates in July 2015. Vulnerability Details CVEID: CVE-2015-2613...
Security Bulletin: Vulnerability in Diffie-Hellman ciphers affects IBM Content Collector for SAP Applications (CVE-2015-4000)
Summary The Logjam Attack on TLS connections using the Diffie-Hellman DH key exchange protocol affects IBM Content Collector for SAP Applications Vulnerability Details CVEID: CVE-2015-4000 DESCRIPTION: The TLS protocol could allow a remote attacker to obtain sensitive information, caused by the...
Security Bulletin: Vulnerability in RC4 stream cipher affects IBM Content Collector for SAP Applications (CVE-2015-2808)
Summary The RC4 “Bar Mitzvah” Attack for SSL/TLS affects IBM Content Collector for SAP Applications. Vulnerability Details CVEID: CVE-2015-2808 DESCRIPTION:The RC4 algorithm, as used in the TLS protocol and SSL protocol, could allow a remote attacker to obtain sensitive information. An attacker...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Content Collector for SAP Applications (CVE-2014-6593, CVE-2015-0410, CVE-2015-0383, CVE-2015-0138)
Summary There are multiple vulnerabilities in IBM® Runtime Environment Java™ Technology Edition, Version 6 and 7 that is used by IBM Content Collector for SAP Applications. These issues were disclosed as part of the IBM Java SDK updates in January 2015. This bulletin also addresses the “FREAK:...
Security Bulletin: IBM Content Collector for SAP Applications affected by vulnerabilities in IBM SDK Java™ Technology Edition, Version 6 and Version 7 (CVE-2014-3566, CVE-2014-4244, CVE-2014-4263, CVE-2014-6457, CVE-2014-6468)
Summary IBM Content Collector for SAP Applications ships IBM SDK Java™ Technology Edition, Version 6 and Version 7, which have security vulnerabilities that might be exposed within the use of Content Collector for SAP Applications. Vulnerability Details CVE ID: CVE-2014-3566 Description: Product...
January 26, 2017—KB 3216755 (OS Build 14393.726)
None None...
SAP NetWeaver AS Java Multiple Vulnerabilities (2235994, 2234971, 2238375)
SAP NetWeaver Application Server AS Java is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
SAP applications multiple security vulnerabilities
Unauthorized access, crossite scripting, backdoor account, authentication bypass, unencrypted password transfer...
CVE-2012-0426
Race condition in sapsuseclusterconnector before 1.0.0-0.8.1 in SUSE Linux Enterprise for SAP Applications 11 SP2 allows local users to have an unspecified impact via vectors related to a tmp/ directory...
Race condition
Race condition in sapsuseclusterconnector before 1.0.0-0.8.1 in SUSE Linux Enterprise for SAP Applications 11 SP2 allows local users to have an unspecified impact via vectors related to a tmp/ directory...
CVE-2012-0426
Race condition in sapsuseclusterconnector before 1.0.0-0.8.1 in SUSE Linux Enterprise for SAP Applications 11 SP2 allows local users to have an unspecified impact via vectors related to a tmp/ directory...
CVE-2012-0426
CVE-2012-0426 affects the SAP SUSE cluster connector: a race condition in the module before version 1.0.0-0.8.1 used with SUSE Linux Enterprise for SAP Applications 11 SP2 . The issue allows local users to cause an unspecified impact via vectors related to a tmp/ directory. The provided documents...
SAP applications multiple security vulnerabilities
Code executions, filesystem access, information leakage, DoS...
SAP NetWeaver Integration Directory — Multiple XSS
Application: SAP NetWeaver XI Versions Affected: SAP NetWeaver XI Vendor URL: Bugs: XSS Exploits: YES Reported: 09.06.2010 Vendor response: 10.06.2010 Date of Public Advisory: 09.03.2011 CVE-number: Author: Dmitriy Evdokimov Description SAP NetWeaver Integration Directory has multiple linked XSS...
SAP SAPDB (WEB DBM) XSS Vulnerability
Application: SAPDB Versions Affected: Last Vendor URL: Bugs: XSS Exploits: YES Reported: 20.11.2008 Vendor response: 20.11.2008 Date of Public Advisory: 31.03.2009 Description SAP MaxDB Web Database engine which listens port 9999 has a Linked XSS security vulnerability. Business Risk An attacker...
AIX 5.2 : IY49781
The remote host is missing AIX Critical Security Patch number IY49781 Coredump in libc while running SAP applications. You should install this patch for your system to be up-to-date. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. if ! definedfunc"bnrandom" exit0;...