85 matches found
CVE-2021-27597
SAP NetWeaver AS for ABAP RFC Gateway, versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83, allows an unauthenticated attacker without specific knowledge of the system to send a...
CVE-2021-27635
SAP NetWeaver AS for JAVA, versions - 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker authenticated as an administrator to connect over a network and submit a specially crafted XML file in the application because of missing XML Validation, this vulnerability enables attacker to fully compromise...
EUVD-2021-14382
Malware in sbrugna...
EUVD-2016-1489
Malware in sbrugna...
EUVD-2023-28539
Malicious code in bioql PyPI...
EUVD-2023-27943
Malicious code in bioql PyPI...
EUVD-2023-32398
Malicious code in bioql PyPI...
EUVD-2023-28540
Malicious code in bioql PyPI...
EUVD-2024-42536
Malicious code in bioql PyPI...
CVE-2021-27598
SAP NetWeaver AS JAVA Customer Usage Provisioning Servlet, versions - 7.31, 7.40, 7.50, allows an attacker to read some statistical data like product version, traffic, timestamp etc. because of missing authorization check in the servlet...
CVE-2020-6286
The insufficient input path validation of certain parameter in the web service of SAP NetWeaver AS JAVA LM Configuration Wizard, versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to exploit a method to download zip files to a specific directory, leading to Path Traversal...
CVE-2020-6229
SAP NetWeaver AS ABAP Business Server Pages application CRMBSPFRAME, versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 75A, 75B, 75C, 75D, 75E, does not sufficiently encode user controlled inputs, resulting in reflected Cross-Site Scripting XSS vulnerability...
CVE-2019-0304
FTP Function of SAP NetWeaver AS ABAP Platform, versions- KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.45, 7.49, 7.53, 7.73, allows an attacker to inje...
SAP NetWeaver AS SQL Injection Vulnerability (CNVD-2025-07612)
SAP NetWeaver AS is a SAP web application server from SAP, Germany. SAP NetWeaver AS suffers from a SQL injection vulnerability that originates from a program that does not properly check for authorization, which could be exploited by an attacker to gain control over data in an Informix database,...
CVE-2025-0066
Under certain conditions SAP NetWeaver AS for ABAP and ABAP Platform Internet Communication Framework allows an attacker to access restricted information due to weak access controls. This can have a significant impact on the confidentiality, integrity, and availability of an application...
CVE-2020-26820
SAP NetWeaver AS JAVA, versions - 7.20, 7.30, 7.31, 7.40, 7.50, allows an attacker who is authenticated as an administrator to use the administrator console, to expose unauthenticated access to the file system and upload a malicious file. The attacker or another user can then use a separate...
CVE-2025-0066
Under certain conditions SAP NetWeaver AS for ABAP and ABAP Platform Internet Communication Framework allows an attacker to access restricted information due to weak access controls. This can have a significant impact on the confidentiality, integrity, and availability of an application...
CVE-2025-0057
CVE-2025-0057 concerns SAP NetWeaver AS Java (User Admin Application). The issue is a stored cross-site scripting vulnerability where an attacker, posing as an admin, can upload a photo containing malicious JavaScript. When a victim accesses the vulnerable component, the attacker can read and mod...
CVE-2025-0057 Cross-Site Scripting vulnerability in SAP NetWeaver AS JAVA (User Admin Application)
SAP NetWeaver AS JAVA User Admin Application is vulnerable to stored cross site scripting vulnerability. An attacker posing as an admin can upload a photo with malicious JS content. When a victim visits the vulnerable component, the attacker can read and modify information within the scope of...
SAP NetWeaver AS SQL注入漏洞
SAP NetWeaver AS is a SAP web application server from SAP, Germany. SAP NetWeaver AS suffers from a SQL injection vulnerability that originates from a program that does not properly check for authorization, which could be exploited by an attacker to gain control over data in an Informix database,...