Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3094 matches found

Prion
Prionadded 2016/02/16 3:59 p.m.17 views

Sql injection

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079...

7.5CVSS8.9AI score0.7106EPSS
Exploits8References7Affected Software1
OSV
OSVadded 2016/02/16 3:59 p.m.2 views

CVE-2016-2386

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079...

9.8CVSS6.1AI score0.7106EPSS
Exploits8References8
Prion
Prionadded 2016/02/16 3:59 p.m.16 views

Design/Logic Flaw

The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846...

5CVSS6.4AI score0.51553EPSS
Exploits10References7Affected Software1
Prion
Prionadded 2016/02/16 3:59 p.m.19 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via the 1 ns or 2 interface parameter to ProxyServer/register, aka SAP Security Note 2220571...

4.3CVSS6AI score0.01546EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2016/02/16 3:0 p.m.26 views

CVE-2016-2388

The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846...

5.2AI score0.51553EPSS
Exploits10References7
CVE
CVEadded 2016/02/16 3:0 p.m.58 views

CVE-2016-2387

CVE-2016-2387 pertains to SAP NetWeaver 7.4, affecting the Java Proxy Runtime ProxyServer servlet. The vulnerability enables cross-site scripting (XSS) via the ProxyServer/register endpoint, by manipulating the ns or interface parameters, as noted in SAP Security Note 2220571. Public advisories (...

6.1CVSS6AI score0.01546EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologiesadded 2016/02/16 12:0 a.m.5 views

PT-2016-1176 · Sap · Sap Netweaver J2Ee Engine

Name of the Vulnerable Software and Affected Versions: SAP NetWeaver J2EE Engine version 7.40 Description: The issue is related to a SQL injection vulnerability in the UDDI server of the SAP NetWeaver J2EE Engine. This vulnerability allows remote attackers to execute arbitrary SQL commands via...

9.8CVSS9.8AI score0.7106EPSS
Exploits8References15
ATTACKERKB
ATTACKERKBadded 2016/02/16 12:0 a.m.30 views

CVE-2016-2388

The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote attackers to obtain sensitive user information via a crafted HTTP request, aka SAP Security Note 2256846. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

5.3CVSS5.3AI score0.51553EPSS
In wildExploits10References12
ATTACKERKB
ATTACKERKBadded 2016/02/16 12:0 a.m.38 views

CVE-2016-2386

SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

9.8CVSS7.6AI score0.7106EPSS
In wildExploits8References12
Packet Storm
Packet Stormadded 2016/02/12 12:0 a.m.25 views

SIMOGEO FileManager 2.3.0 Path Traversal

Exploit Title: SIMOGEO FileManager 2.3.0 - Path Traversal Vulnerability Date: 2015-12-09 Exploit Author: HaHwul Exploit Author Blog: http://www.codeblack.net Vendor Homepage: https://github.com/simogeo/Filemanager Software Link: git clone http://github.com/simogeo/Filemanager.git Version: 2.3.0...

7.4AI score
Exploits0
OSV
OSVadded 2016/02/07 1:59 a.m.2 views

DEBIAN-CVE-2016-0807

The getbuildid function in elfutils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394...

8.4CVSS8.3AI score0.00215EPSS
Exploits0References1
OSV
OSVadded 2016/02/07 1:59 a.m.6 views

CVE-2016-0807

The getbuildid function in elfutils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394...

8.4CVSS6.8AI score
Exploits0References2
NVD
NVDadded 2016/02/07 1:59 a.m.19 views

CVE-2016-0807

The getbuildid function in elfutils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394...

8.4CVSS8.2AI score0.00215EPSS
Exploits0References2
UbuntuCve
UbuntuCveadded 2016/02/07 1:59 a.m.34 views

CVE-2016-0807

The getbuildid function in elfutils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394...

8.4CVSS7.3AI score0.00215EPSS
Exploits0References3
Prion
Prionadded 2016/02/07 1:59 a.m.23 views

Code injection

The getbuildid function in elfutils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394...

7.2CVSS7AI score0.00215EPSS
Exploits0References2Affected Software1
OSV
OSVadded 2016/02/07 1:59 a.m.2 views

UBUNTU-CVE-2016-0807

The getbuildid function in elfutils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394...

8.4CVSS7.3AI score0.00215EPSS
Exploits0References4
Cvelist
Cvelistadded 2016/02/07 1:0 a.m.22 views

CVE-2016-0807

The getbuildid function in elfutils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394...

8.2AI score0.00215EPSS
Exploits0References2
CVE
CVEadded 2016/02/07 1:0 a.m.61 views

CVE-2016-0807

CVE-2016-0807 affects Android 6.x Debuggerd (get_build_id in elf_utils.cpp) where a crafted ELF Note Desc Size element mishandling enables privilege escalation. Root cause: improper handling in Debuggerd’s ELF note parsing. Impact: high (local attacker). Affected component: Android 6.x Debuggerd....

8.4CVSS8.1AI score0.00215EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVEadded 2016/02/07 1:0 a.m.44 views

CVE-2016-0807

The getbuildid function in elfutils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394...

8.4CVSS8.2AI score0.00215EPSS
Exploits0
android
androidadded 2016/02/01 12:0 a.m.37 views

CVE-2016-0807

The getbuildid function in elfutils.cpp in Debuggerd in Android 6.x before 2016-02-01 allows attackers to gain privileges via a crafted application that mishandles a Desc Size element in an ELF Note, aka internal bug 25187394...

7.2CVSS7.6AI score0.00215EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder