Lucene search
K

17171 matches found

Nuclei
Nuclei
added 2026/06/16 7:13 a.m.167 views

SAP NetWeaver Application Server Java 7.5 - Local File Inclusion

SAP NetWeaver Application Server Java 7.5 is susceptible to local file inclusion in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS. This can allow remote attackers to read arbitrary files via a .. dot dot in the query string, as exploited in the wild in August 2017, aka SAP Security Note...

7.5CVSS8.7AI score0.94557EPSS
Exploits3References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.93 views

SAP NetWeaver AS JAVA 7.30-7.50 - Remote Admin Addition

SAP NetWeaver AS JAVA LM Configuration Wizard, versions 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system, including the ability to create an...

10CVSS8.9AI score0.94719EPSS
Exploits6References5
RedHat Linux
RedHat Linux
added 2026/06/16 6:14 a.m.9 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

9.8CVSS5.6AI score0.00605EPSS
Exploits0References20
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.8 views

SUSE SLES15 Security Update : google-cloud-sap-agent (SUSE-SU-2026:2372-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2372-1 advisory. This update for google-cloud-sap-agent fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport...

7.5CVSS5.5AI score0.00781EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.9 views

SUSE SLES12 Security Update : google-cloud-sap-agent (SUSE-SU-2026:2348-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2348-1 advisory. This update for google-cloud-sap-agent fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport...

7.5CVSS5.5AI score0.00781EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.14 views

SAP NetWeaver AS Java Apache Log4j Vulnerability (3726899)

The version of SAP NetWeaver Application Server Java detected on the remote host is affected by a vulnerability in the Apache Log4j library as referenced in SAP Security Note 3726899: - The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does not perform TLS hostname...

6.3CVSS6.1AI score0.00743EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.13 views

SAP NetWeaver AS ABAP Missing Authorization Check (3735546)

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by a missing authorization check vulnerability as referenced in SAP Security Note 3735546: - Application server ABAP does not perform necessary authorization checks for an authenticated user allowing an...

7.1CVSS5.6AI score0.00207EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.14 views

SAP NetWeaver AS Java Reflected XSS (3723655)

The version of SAP NetWeaver Application Server Java detected on the remote host is affected by a reflected cross-site scripting vulnerability as referenced in SAP Security Note 3723655: - Due to a reflected cross-site scripting XSS vulnerability in SAP NetWeaver JAVA JDBC Test Servlet, an...

6.1CVSS5.4AI score0.00199EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.66 views

SAP NetWeaver AS ABAP Memory Corruption (3717897)

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by a memory corruption vulnerability as referenced in SAP Security Note 3717897: - Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP...

9.8CVSS5.8AI score0.00437EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.30 views

SAP NetWeaver AS ABAP XML Signature Wrapping in SAML Authentication (3746332)

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by an XML signature wrapping vulnerability in SAML authentication as referenced in SAP Security Note 3746332: - SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker...

9.9CVSS5.4AI score0.00231EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/06/12 12:0 a.m.16 views

SAP NetWeaver AS Java Directory Traversal (3727078)

The version of SAP NetWeaver Application Server Java detected on the remote host is affected by a directory traversal vulnerability as referenced in SAP Security Note 3727078: - SAP NetWeaver Application Server Java Web Container allows an unauthenticated attacker to craft a malicious HTTP logon...

9CVSS5.4AI score0.00454EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/06/11 2:3 p.m.6 views

Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265764. Changes for google-cloud-sap-agent: Update to version 3.14 bsc1265991 Patch Instructions: To install this SUSE...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References6
OSV
OSV
added 2026/06/11 2:3 p.m.9 views

SUSE-SU-2026:2372-1 Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265764. Changes for google-cloud-sap-agent: - Update to version 3.14 bsc1265991...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/06/11 1:56 p.m.25 views

Important: Red Hat Security Advisory: skopeo security update

An update for skopeo is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

10CVSS7.1AI score0.01945EPSS
Exploits3References6
RedHat Linux
RedHat Linux
added 2026/06/11 1:53 p.m.24 views

Important: Red Hat Security Advisory: containernetworking-plugins security update

An update for containernetworking-plugins is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

10CVSS7.3AI score0.01945EPSS
Exploits3References5
RedHat Linux
RedHat Linux
added 2026/06/11 1:40 p.m.23 views

Important: Red Hat Security Advisory: podman security update

An update for podman is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

10CVSS7.1AI score0.01945EPSS
Exploits4References7
RedHat Linux
RedHat Linux
added 2026/06/11 8:51 a.m.13 views

Important: Red Hat Security Advisory: bind security update

An update for bind is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.5CVSS8AI score0.01545EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2026/06/10 3:10 p.m.19 views

Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities

Fortinet, Ivanti, and SAP have released security updates to address multiple critical security vulnerabilities that could result in arbitrary code execution and information disclosure. The security flaw patched by Fortinet relates to a command injection vulnerability in FortiSandbox, FortiSandbox...

10CVSS9.6AI score0.99041EPSS
Exploits8
SUSE Linux
SUSE Linux
added 2026/06/10 1:22 p.m.8 views

Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265764. Changes for google-cloud-sap-agent: Update to version 3.14 bsc1265991 Patch Instructions: To install this SUSE...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References6
OSV
OSV
added 2026/06/10 1:22 p.m.7 views

SUSE-SU-2026:2348-1 Security update for google-cloud-sap-agent

This update for google-cloud-sap-agent fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265764. Changes for google-cloud-sap-agent: - Update to version 3.14 bsc1265991...

7.5CVSS5.4AI score0.00781EPSS
Exploits0References4
Rows per page
Query Builder