CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

54 matches found

erpscan•added 2015/12/03 12:0 a.m.•37 views

SAP Afaria - Authorization bypass, Insecure signature

Application: SAP Afaria 7.0.6001.5 Vendor URL: http://www.sap.com Bugs: Authorization bypass Reported: 12.03.2015 Vendor response: 13.03.2015 Date of Public Advisory: 12.05.2015 Reference: SAP Security Note 2134905 Authors: Dmitry Chastukhin ERPScan Description An anonymous attacker can spoof a...

1.1AI score

Exploits0

erpscan•added 2015/07/13 12:0 a.m.•17 views

SAP NetWeaver 7.4 - XSS

Application: SAP NetWeaver J2EE Engine 7.40 Vendor URL: http://www.sap.com Bugs: XSS Reported: 13.07.2015 Vendor response: 24.07.2015 Date of Public Advisory: 09.09.2015 Reference: SAP Security Note 2176785 Authors: Roman Bezhan ERPScan VULNERABILITY INFORMATION Class: Cross-Site Scripting, XSS...

0.5AI score

Exploits0

erpscan•added 2015/05/09 12:0 a.m.•31 views

SAP MII - Encryption Downgrade vulnerability

Application: SAP MII Vendor URL: http://www.sap.com Bugs: Cryptographic issues Reported: 05.09.2015 Vendor response: 06.09.2015 Date of Public Advisory: 20.11.2015 Reference: SAP Security Note 2240274 Author: Mathieu GELI ERPScan VULNERABILITY INFORMATION Class: Cryptographic issues Impact: readi...

5CVSS0.4AI score0.00151EPSS

Exploits0

erpscan•added 2015/04/16 12:0 a.m.•38 views

SAP NetWeaver 7.4 - XXE

Application: SAP NetWeaver Portal 7.4 Vendor URL: http://www.sap.com Bugs: XML eXternal Entity Reported: 16.04.2015 Vendor response: 17.04.2015 Date of Public Advisory: 11.08.2015 Reference: SAP Security Note 2168485 Authors: Roman Bezhan ERPScan VULNERABILITY INFORMATION Class: XML External Enti...

6.8CVSS0.5AI score0.00639EPSS

Exploits2

erpscan•added 2015/02/18 12:0 a.m.•34 views

SAP Afaria - Stored XSS

Application: SAP Afaria 7 Vendor URL: http://www.sap.com Bugs: XSS Reported: 18.02.2015 Vendor response: 18.02.2015 Date of Public Advisory: 11.08.2015 Reference: SAP Security Note 2152669 Authors: Dmitry Chastukhin ERPScan Vulnerability information Class: XML External Entity CWE-79 Impact: Store...

4.3CVSS0.6AI score0.00285EPSS

Exploits1

CVE•added 2015/01/22 4:0 p.m.•41 views

CVE-2015-1311

CVE-2015-1311 affects SAP HANA Extended Application Services (XS). The XS component allows remote attackers to inject arbitrary ABAP code through unspecified vectors, per SAP Note 2098906 and corroborated by CNVD/NVD entries. This constitutes remote code/injection potential in SAP HANA XS, with n...

10CVSS7AI score0.017EPSS

Exploits0References1Affected Software1

Cvelist•added 2015/01/22 4:0 p.m.•19 views

CVE-2015-1311

The Extended Application Services XS in SAP HANA allows remote attackers to inject arbitrary ABAP code via unspecified vectors, aka SAP Note 2098906. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

6.8AI score0.017EPSS

Exploits0References1

erpscan•added 2015/01/09 12:0 a.m.•13 views

SAP NetWeaver 7.4 - cryptographic issues

Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.4 Vendor URL: http://www.sap.com Bugs: cryptographic issues Reported: 01.09.2015 Vendor response: 02.09.2015 Date of Public Advisory: 12.01.2016 Reference: SAP Security Note 2191290 Author: Vahagn Vardanyan ERPScan VULNERABILITY...

Exploits0

erpscan•added 2015/01/09 12:0 a.m.•16 views

SAP NetWeaver 7.4 (MDT component) - XSS vulnerability

Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.4 Vendor URL: http://www.sap.com Bugs: XSS Reported: 01.09.2015 Vendor response: 02.09.2015 Date of Public Advisory: 12.01.2016 Reference: SAP Security Note 2206793 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class:...

0.2AI score

Exploits0

NVD•added 2013/10/28 10:55 p.m.•5 views

CVE-2013-3243

Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver allows remote attackers to execute arbitrary ABAP code via unknown vectors...

6.8CVSS7.5AI score0.00437EPSS

Exploits1References2

Prion•added 2013/10/28 10:55 p.m.•12 views

Security feature bypass

Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver allows remote attackers to execute arbitrary ABAP code via unknown vectors...

6.8CVSS8AI score0.00437EPSS

Exploits1References2

Cvelist•added 2013/10/28 10:0 p.m.•18 views

CVE-2013-3243

Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver allows remote attackers to execute arbitrary ABAP code via unknown vectors...

7.5AI score0.00437EPSS

Exploits1References2

CVE•added 2013/10/28 10:0 p.m.•42 views

CVE-2013-3243

The CVE-2013-3243 issue affects OpenText/IXOS ECM for SAP NetWeaver (Doculink). It is a Remote ABAP Injection vulnerability that, per ESNC, could allow an attacker to inject and execute ABAP code on a remote SAP system. An exploit is claimed to exist in ESNC’s suite; vendor patching information p...

6.8CVSS7.8AI score0.00437EPSS

Exploits1References2Affected Software1

securityvulns•added 2013/05/06 12:0 a.m.•37 views

[ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver

ESNC-2013-004 Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver Please refer to http://www.esnc.de for the original security advisory, updates and additional information. ------------------------------------------------------------------------ 1. Business Impact...

6.8CVSS7AI score0.00437EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by