CVE-2022-22533

Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit multiple HTTP server requests resulting in errors, such that it consumes the memory buffer. This...

CVE-2022-22532

Summary (CVE-2022-22532) : SAP NetWeaver Application Server Java is affected in multiple builds (KRNL64NUC 7.22/7.22EXT/7.49/7.53 and KERNEL 7.22/7.49/7.53). An unauthenticated attacker can send a crafted HTTP request that triggers improper shared memory buffer handling, enabling execution of a p...

SAP NetWeaver Application Server Java 授权问题漏洞

SAP NetWeaver Application Server Java is a German SAP SAP company provides a Java runtime environment of the application server. The product is mainly used for developing and running Java EE applications. An authorization issue vulnerability exists in SAP NetWeaver Application Server Java version...

CVE-2021-21492

SAP NetWeaver Application Server JavaHTTP Service, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate logon group in URLs, resulting in a content spoofing vulnerability when directory listing is enabled...

SAP Netweaver 跨站脚本漏洞

SAP Netweaver is the German SAP SAP company's set of service-oriented integrated application platform. The platform provides a development and runtime environment for SAP applications. A cross-site scripting vulnerability exists in SAP NetWeaver AS JAVA versions 7.10 and 7.11. An attacker can...

SAP Netweaver Application Server Java Reverse Tag Phishing Vulnerability

SAP Netweaver Application Server Java is part of the SAP NetWeaver Application Platform, which provides a complete infrastructure for deploying and running Java applications. A reverse tag phishing vulnerability exists in SAP Netweaver Application Server Java 7.00, 7.10, 7.11, 7.20, 7.30, 7.31,...

CVE-2021-21491

SAP Netweaver Application Server Java Applications based on WebDynpro Java versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities...

SAP NetWeaver Application Server Java Cross-Site Scripting Vulnerability

SAP NetWeaver Application Server is an application server from SAP, Germany. A cross-site scripting vulnerability exists in SAP NetWeaver Application Server Java XML Forms versions 7.30, 7.31, 7.40, 7.50, which arises from a lack of proper validation of client-side data in the web application. An...

Input validation

SAP NetWeaver Application Server Java User Management Engine, versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; does not sufficiently validate the LDAP data source configuration XML document accepted from an untrusted source, leading to Missing XML Validation...

SAP NetWeaver Application Server Java Information Disclosure Vulnerability

SAP NetWeaver Application Server Java is a German SAP SAP company provides a Java runtime environment of the application server. The product is mainly used to develop and run Java EE applications. An information disclosure vulnerability exists in SAP NetWeaver Application Server Java. The...

Unspecified Vulnerability in SAP NetWeaver Application Server Java

SAP NetWeaver Application Server Java is a German SAP SAP company provides a Java runtime environment of the application server. The product is mainly used to develop and run Java EE applications. A security vulnerability exists in SAP NetWeaver Application Server Java J2EE-Framework that can be...

CVE-2019-0389

An administrator of SAP NetWeaver Application Server Java J2EE-Framework, corrected in versions 7.1, 7.2, 7.3, 7.31, 7.4, 7.5, may change privileges for all or some functions in Java Server, and enable users to execute functions, they are not allowed to execute otherwise...

SAP NetWeaver Application Server Java Code Issue Vulnerability

SAP Netweaver is the German SAP SAP company's set of service-oriented integration of the application platform, the platform mainly for SAP applications to provide a development environment. The platform mainly for SAP applications to provide a development and runtime environment.SAP NetWeaver...

SAP NetWeaver AS Java Detection (HTTP)

HTTP based detection of SAP NetWeaver Application Server AS Java. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

SAP NetWeaver Application Server Java Directory Traversal Vulnerability (CNVD-2017-29433)

SAP NetWeaver is SAP's integrated service-oriented application platform that provides a development and runtime environment for SAP applications. SAP NetWeaver Application Server AS Java is an application server that runs on NetWeaver and is based on the Java programming language. SAP NetWeaver...

SAP NetWeaver Application Server Java Path Traversal Vulnerability

SAP NetWeaver is an integrated, service-oriented application platform that provides a development and runtime environment for SAP applications. A directory traversal vulnerability in scheduler/ui/js/ffffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver AS Java allows remote attackers to submit a...

CVE-2017-12637

SAP NetWeaver Application Server Java 7.5 is affected by a local/file read vulnerability (CVE-2017-12637) in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS that allows remote attackers to read arbitrary server files via a .. in the query string. The issue is confirmed in multiple connected s...

VulnCheck KEV: CVE-2017-12637

SAP NetWeaver Application Server AS Java contains a directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS that allows a remote attacker to read arbitrary files via a .. dot dot in the query string...

SAP Netweaver Application Server Java Remote Authorization Bypass Vulnerability

SAP NetWeaver is SAP's integrated service-oriented application platform that provides a development and runtime environment for SAP applications. SAP NetWeaver Application Server AS Java is an application server that runs on NetWeaver and is based on the Java programming language. SAP NetWeaver...

SAP NetWeaver Application Server Java Denial of Service Vulnerability

SAP NetWeaver Application Server AS Java is an application server that runs in NetWeaver and is based on the Java programming language. A denial of service vulnerability exists in SAP NetWeaver Application Server Java. An attacker could exploit the vulnerability to cause a denial of service...