Lucene search
+L

1284 matches found

nvd
nvd
added 2 days ago6 views

CVE-2026-44747

SAP NetWeaver Application Server ABAP allows an authenticated attacker to leverage logical errors in memory management to cause a memory corruption that could lead to unauthorized data access, modification, or system unavailability. This has high impact on confidentiality, integrity, and...

9.9CVSS0.00439EPSS
Exploits0References2
cve
cve
added 2 days ago9 views

CVE-2026-44760

The CVE-2026-44760 entry concerns a Cross-Site Scripting (XSS) in SAP NetWeaver Application Server ABAP-based applications that use the Business Server Pages framework. The vulnerability arises from unsanitized input being reflected in the HTTP response, enabling an attacker to inject and execute...

4.7CVSS6.3AI score0.00142EPSS
Exploits0References2
cvelist
cvelist
added 2 days ago29 views

CVE-2026-44747 Memory Corruption vulnerability in SAP NetWeaver Application Server ABAP

SAP NetWeaver Application Server ABAP allows an authenticated attacker to leverage logical errors in memory management to cause a memory corruption that could lead to unauthorized data access, modification, or system unavailability. This has high impact on confidentiality, integrity, and...

9.9CVSS0.00439EPSS
Exploits0References2
nuclei
nuclei
added 2026/06/28 3:8 p.m.236 views

SAP Memory Pipes (MPI) Desynchronization

SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable to request smuggling and request concatenation attacks. An unauthenticated attacker can prepend a victim's request with arbitrary data. This...

10CVSS7.7AI score0.97945EPSS
Exploits8References5
nessus
nessus
added 2026/06/12 12:0 a.m.39 views

SAP NetWeaver AS ABAP XML Signature Wrapping in SAML Authentication (3746332)

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by an XML signature wrapping vulnerability in SAML authentication as referenced in SAP Security Note 3746332: - SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker...

9.9CVSS5.4AI score0.00231EPSS
Exploits0References2
nessus
nessus
added 2026/06/12 12:0 a.m.74 views

SAP NetWeaver AS ABAP Memory Corruption (3717897)

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by a memory corruption vulnerability as referenced in SAP Security Note 3717897: - Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP...

9.8CVSS5.8AI score0.00437EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/06/10 2:59 a.m.10 views

CVE-2026-44751

Application server ABAP does not perform necessary authorization checks for an authenticated user allowing an attacker to execute a report generation command which could overwrite information belonging to another user, resulting in escalation of privileges. This has high impact on integrity with...

7.1CVSS5.6AI score0.00207EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/10 2:59 a.m.15 views

CVE-2026-27671

Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP Platform, an unauthenticated attacker can send a crafted RFC request that exploits logical errors in memory management, leading to memory corruption. This could lead to a high...

9.8CVSS5.5AI score0.00437EPSS
Exploits0References1
nvd
nvd
added 2026/06/09 1:16 a.m.18 views

CVE-2026-44751

Application server ABAP does not perform necessary authorization checks for an authenticated user allowing an attacker to execute a report generation command which could overwrite information belonging to another user, resulting in escalation of privileges. This has high impact on integrity with...

7.1CVSS0.00207EPSS
Exploits0References2
nvd
nvd
added 2026/06/09 1:16 a.m.82 views

CVE-2026-44748

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information leading to unauthorized access to...

9.9CVSS0.00231EPSS
Exploits0References2
nvd
nvd
added 2026/06/09 1:16 a.m.19 views

CVE-2026-27671

Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP Platform, an unauthenticated attacker can send a crafted RFC request that exploits logical errors in memory management, leading to memory corruption. This could lead to a high...

9.8CVSS0.00437EPSS
Exploits0References2
euvd
euvd
added 2026/06/09 12:21 a.m.13 views

EUVD-2026-35285

Application server ABAP does not perform necessary authorization checks for an authenticated user allowing an attacker to execute a report generation command which could overwrite information belonging to another user, resulting in escalation of privileges. This has high impact on integrity with...

7.1CVSS5.6AI score0.00207EPSS
Exploits0References2
cve
cve
added 2026/06/09 12:21 a.m.64 views

CVE-2026-44751

CVE-2026-44751 affects the SAP NetWeaver ABAP Platform/application server ABAP. The issue is a missing authorization check for authenticated users, enabling a user to execute a report generation command and potentially overwrite another user’s information, resulting in privilege escalation. Impac...

7.1CVSS5.6AI score0.00207EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/09 12:21 a.m.43 views

CVE-2026-44751 Missing Authorization check in Application Server ABAP of SAP NetWeaver and ABAP Platform

Application server ABAP does not perform necessary authorization checks for an authenticated user allowing an attacker to execute a report generation command which could overwrite information belonging to another user, resulting in escalation of privileges. This has high impact on integrity with...

7.1CVSS0.00207EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/09 12:20 a.m.17 views

CVE-2026-44748

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information leading to unauthorized access to...

9.9CVSS5.5AI score0.00231EPSS
Exploits0References3
cvelist
cvelist
added 2026/06/09 12:20 a.m.45 views

CVE-2026-44748 XML Signature Wrapping in SAML Authentication in SAP NetWeaver AS ABAP and ABAP Platform

SAP NetWeaver Application Server ABAP and ABAP Platform allows an authenticated attacker with normal privileges to obtain a valid signed message and send modified signed XML documents to the verifier. This may result in acceptance of tampered identity information leading to unauthorized access to...

9.9CVSS0.00231EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/09 12:20 a.m.10 views

CVE-2026-27671 Memory Corruption vulnerability in Application Server ABAP of SAP NetWeaver and ABAP Platform

Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP Platform, an unauthenticated attacker can send a crafted RFC request that exploits logical errors in memory management, leading to memory corruption. This could lead to a high...

9.8CVSS5.5AI score0.00437EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/09 12:20 a.m.8 views

CVE-2026-27671

Due to improper RFC protocol validation in the SAP Kernel used by the Application Server ABAP of SAP NetWeaver and ABAP Platform, an unauthenticated attacker can send a crafted RFC request that exploits logical errors in memory management, leading to memory corruption. This could lead to a high...

9.8CVSS5.5AI score0.00437EPSS
Exploits0References3Affected Software1
cnnvd
cnnvd
added 2026/06/09 12:0 a.m.19 views

SAP NetWeaver ABAP Platform 安全漏洞

SAP NetWeaver ABAP Platform is an integrated technology platform developed by the German company SAP. There is a security vulnerability in SAP NetWeaver ABAP Platform, which stems from the lack of necessary authorization checks for authenticated users. This vulnerability could allow attackers to...

7.1CVSS5.5AI score0.00207EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/05 7:47 p.m.10 views

CVE-2026-27680

Due to improper input handling under certain conditions, SAP NetWeaver Application Server ABAP allows an attacker to inject custom Cascading Style Sheets CSS data into a web page served by the application. When a user accesses or clicks the affected page, the injected CSS is executed. As a result...

4.3CVSS5.5AI score0.00173EPSS
Exploits0References1
Rows per page
Query Builder