SAP NetWeaver Application Server ABAP 输入验证错误漏洞

SAP NetWeaver Application Server ABAP is a platform used by SAP, a German company, for the operation and development of applications written in the ABAP language. There is an input validation vulnerability in SAP NetWeaver Application Server ABAP. This vulnerability stems from an open redirection...

SAP NetWeaver Application Server for ABAP 代码问题漏洞

SAP NetWeaver Application Server for ABAP is a core application server platform developed by the German company SAP. There is a code vulnerability in SAP NetWeaver Application Server for ABAP. This vulnerability stems from the ABAP reports used for testing, which allow sending HTTP requests to...

CVE-2025-23186

In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call RFC request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely...

SAP NetWeaver Application Server for ABAP 跨站请求伪造漏洞

SAP NetWeaver Application Server for ABAP is a core application server platform from SAP, Germany. A cross-site request forgery vulnerability exists in SAP NetWeaver Application Server for ABAP, which stems from a cross-site request forgery vulnerability that could lead to bypassing authorization...

EUVD-2015-4182

Malware in sbrugna...

EUVD-2023-29555

Malicious code in bioql PyPI...

SAP NetWeaver Server ABAP Information Disclosure Vulnerability (CNVD-2025-07609)

SAP NetWeaver Server ABAP is an application server from SAP Germany. An information disclosure vulnerability exists in SAP NetWeaver Server ABAP. The vulnerability stems from the server generating different responses depending on the presence or absence of a particular user, thereby disclosing...

CVE-2025-23193

CVE-2025-23193 describes an information-disclosure vulnerability in SAP NetWeaver Server ABAP. An unauthenticated attacker can provoke the server to respond differently depending on the existence of a specified user, potentially leaking sensitive information. The issue does not enable data modifi...

CVE-2024-54198

In certain conditions, SAP NetWeaver Application Server ABAP allows an authenticated attacker to craft a Remote Function Call RFC request to restricted destinations, which can be used to expose credentials for a remote service. These credentials can then be further exploited to completely...

SAP NetWeaver AS ABAP NULL Pointer Dereference (3504390)

SAP NetWeaver Application Server for ABAP is affected by NULL pointer dereference vulnerability: - SAP NetWeaver Application Server for ABAP and ABAP Platform allows an unauthenticated attacker to send a maliciously crafted http request which could cause a null pointer dereference in the kernel...

SAP NetWeaver Application Server Security Vulnerability

SAP NetWeaver Application Server is an application server from SAP, Germany. A security vulnerability exists in SAP NetWeaver Application Server ABAP and ABAP Platform, which results in an escalation of privileges due to a failure to perform the required authorization checks for authenticated use...

PT-2023-21945 · Sap · Sap Netweaver As For Abap/Abap Platform

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS for ABAP and ABAP Platform versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 791 Description: The issue allows an attacker authenticated as a non-administrative user to craft a request with certain parameters, which can...

PT-2023-20196 · Sap · Sap Aba

Name of the Vulnerable Software and Affected Versions: SAP ABAP versions 751, 753, 754, 756, 757, 791 Description: The issue is caused by insufficient input sanitization, allowing an authenticated high privileged user to alter the current session of the user by injecting malicious database querie...

CVE-2023-0014 Capture-replay vulnerability in SAP NetWeaver AS for ABAP and ABAP Platform

SAP NetWeaver ABAP Server and ABAP Platform - versions SAPBASIS 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, KERNEL 7.22, 7.53, 7.77, 7.81, 7.85, 7.89, KRNL64UC 7.22, 7.22EXT, 7.53, KRNL64NUC 7.22, 7.22EXT, creates information about system identity in an ambiguo...

SAP NetWeaver AS ABAP Command Injection Vulnerability

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A command injection vulnerability exists in SAP NetWeaver AS ABAP, which can be exploited by an attacker to inse...

PT-2021-17533 · Sap · Sap Netweaver As Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS for ABAP RFC Gateway versions 7.22 through 7.83 Description: The issue allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network, triggering an internal erro...

SAP NetWeaver AS ABAP Code Injection Vulnerability

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A code injection vulnerability exists in SAP NetWeaver AS ABAP versions 700, 701, 702, 730, and 731. An attacker...

PT-2021-17546 · Sap · Sap Netweaver As Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP versions 700, 701, 702, 730, 731 Description: The issue allows a high-privileged attacker to inject malicious code by executing an ABAP report when the attacker has access to the local SAP system. This could lead to...

Unspecified Vulnerability in SAP Netweaver AS ABAP

SAP Netweaver is a set of service-oriented integrated application platform from SAP, which provides a development and runtime environment for SAP applications. The platform provides a development and runtime environment for SAP applications, and ABAP is an application server that runs in NetWeave...

PT-2020-19065 · Sap · Sap Netweaver As Abap

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver AS ABAP Banking Services versions 710, 711, 740, 750, 751, 752, 75A, 75B, 75C, 75D, 75E Description: The issue arises due to a missing authorization check, allowing an authenticated user to make unauthorized changes to individua...