CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

NVD•added 2017/07/25 6:29 p.m.•12 views

CVE-2017-11457

XML external entity XXE vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery SSRF attacks via a crafted DTD in an XML request, aka SAP Security Note 2387249...

6.5CVSS6.3AI score0.00587EPSS

Exploits0References2

Prion•added 2017/07/25 6:29 p.m.•13 views

Server side request forgery (ssrf)

4CVSS6.2AI score0.00587EPSS

Exploits0References2Affected Software1

Cvelist•added 2017/07/25 6:0 p.m.•18 views

CVE-2017-11457

6.3AI score0.00587EPSS

Exploits0References2

NVD•added 2017/05/23 4:29 a.m.•14 views

CVE-2017-8913

The Visual Composer VC70RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity XXE attacks via a crafted XML document in a request to irj/servlet/prt/portal/prtroot/com.sap.visualcomposer.BIKit.default, aka SAP Security Note 2386873...

8.8CVSS8.2AI score0.00552EPSS

Exploits0References2

CVE•added 2017/05/23 3:56 a.m.•49 views

CVE-2017-8913

The CVE-2017-8913 vulnerability affects SAP NetWeaver AS JAVA 7.5, specifically the Visual Composer VC70RUNTIME component. Affected files/components include VC70RUNTIME (7.30–7.50) and VCFRAMEWORK/VCFLEX7.00 as listed in public advisories. The issue is an XML External Entity (XXE) vulnerability t...

8.8CVSS8.1AI score0.00552EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by