
3094 matches found

NVD
added 2015/11/24 8:59 p.m. | 11 views

CVE-2015-8330

The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers to cause a denial of service (memory corruption and agent crash) via crafted xMII requests, aka SAP Security Note 2238619...

7.8 CVSS | 6.8 AI score | 0.02958 EPSS
Exploits 0 | References 5
NVD
added 2015/11/24 8:59 p.m. | 10 views

CVE-2015-8329

SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) uses weak encryption (Base64 and DES), which allows attackers to conduct downgrade attacks and decrypt passwords via unspecified vectors, aka SAP Security Note 2240274...

5 CVSS | 6.6 AI score | 0.00968 EPSS
Exploits 0 | References 3
Prion
added 2015/11/24 8:59 p.m. | 12 views

Memory corruption

The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers to cause a denial of service (memory corruption and agent crash) via crafted xMII requests, aka SAP Security Note 2238619...

7.8 CVSS | 7.3 AI score | 0.02958 EPSS
Exploits 0 | References 5
Prion
added 2015/11/24 8:59 p.m. | 12 views

Information disclosure

SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) uses weak encryption (Base64 and DES), which allows attackers to conduct downgrade attacks and decrypt passwords via unspecified vectors, aka SAP Security Note 2240274...

5 CVSS | 7 AI score | 0.00968 EPSS
Exploits 0 | References 3 | Affected Software 1
Cvelist
added 2015/11/24 8:0 p.m. | 16 views

CVE-2015-8329

SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) uses weak encryption (Base64 and DES), which allows attackers to conduct downgrade attacks and decrypt passwords via unspecified vectors, aka SAP Security Note 2240274...

6.6 AI score | 0.00968 EPSS
Exploits 0 | References 3
CISA
added 2015/11/24 12:0 a.m. | 9 views

Dell Computers Contain CA Root Certificate Vulnerability

Dell personal computers using the preinstalled certificate authority (CA) root certificate (eDellRoot) contain a critical vulnerability. Exploitation of the vulnerability could allow a remote attacker to read encrypted web browser traffic (HTTPS), impersonate (spoof) any website, or perform other attacks...

6.5 AI score
Exploits 0 | References 2
0day.today
added 2015/11/23 12:0 a.m. | 70 views

SAP NetWeaver 7.4 XXE Injection Vulnerability

SAP NetWeaver version 7.4 suffers from an XML external entity injection vulnerability. Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.4, probably others Vendor URL: http://SAP.com Bugs: XML External Entity Send: 16.04.2015 Reported: 16.04.2015 Vendor response: 16.04.2015 Date of...

6.8 CVSS | 7 AI score | 0.01643 EPSS
Exploits 2
Packet Storm
added 2015/11/23 12:0 a.m. | 52 views

SAP NetWeaver 7.4 XXE Injection

Application: SAP NetWeaver Versions Affected: SAP NetWeaver 7.4, probably others Vendor URL: http://SAP.com Bugs: XML External Entity Send: 16.04.2015 Reported: 16.04.2015 Vendor response: 16.04.2015 Date of Public Advisory: 11.08.2015 Reference: SAP Security Note 2168485 Author: Roman Bezhan...

6.8 CVSS | 0.2 AI score | 0.01643 EPSS
Exploits 2
0day.today
added 2015/11/23 12:0 a.m. | 46 views

SAP Afaria 7 Cross Site Scripting Vulnerability

SAP Afaria version 7 suffers from a stored cross site scripting vulnerability. Application: SAP Afaria Versions Affected: SAP Afaria 7, probably others Vendor URL: http://SAP.com Bugs: Stored XSS Send: 18.02.2015 Reported: 18.02.2015 Vendor response: 18.02.2015 Date of Public Advisory: 11.08.2015...

4.3 CVSS | 6.1 AI score | 0.01273 EPSS
Exploits 1
RedHat Linux
added 2015/11/19 3:39 a.m. | 1 views

file: out-of-bounds read in elf note headers

An out-of-bounds read flaw was found in the way the File Information (fileinfo) extension parsed Executable and Linkable Format (ELF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file...

5 CVSS | 7.4 AI score | 0.13757 EPSS
Exploits 0 | References 4
CISA
added 2015/11/13 12:0 a.m. | 15 views

Apache Commons Collections Java Library Vulnerability

US-CERT is aware of a deserialization vulnerability in the Apache Commons Collections (ACC) Java library. Java applications that either directly use ACC, or contain ACC in their classpath, may be vulnerable to arbitrary code execution. US-CERT encourages users and administrators to review...

7.2 AI score
Exploits 0 | References 1
NVD
added 2015/11/10 5:59 p.m. | 15 views

CVE-2015-7994

The SQL interface in SAP HANA DB 1.00.73.00.389160 (NewDB100REL) allows remote attackers to execute arbitrary code via unspecified vectors related to "SQL Login," aka SAP Security Note 2197428...

7.5 CVSS | 8.1 AI score | 0.03427 EPSS
Exploits 0 | References 4
NVD
added 2015/11/10 5:59 p.m. | 14 views

CVE-2015-7993

The Extended Application Services (aka XS or XS Engine) in SAP HANA DB 1.00.73.00.389160 (NewDB100REL) allows remote attackers to execute arbitrary code via unspecified vectors related to "HTTP Login," aka SAP Security Note 2197397...

7.5 CVSS | 7.7 AI score | 0.03715 EPSS
Exploits 0 | References 4
NVD
added 2015/11/10 5:59 p.m. | 21 views

CVE-2015-7992

SAP HANA DB 1.00.73.00.389160 (NewDB100REL) allows remote authenticated users to cause a denial of service (memory corruption and indexserver crash) via unspecified vectors to the EXECUTESEARCHRULESET stored procedure, aka SAP Security Note 2175928...

4 CVSS | 6.2 AI score | 0.01584 EPSS
Exploits 0 | References 4
NVD
added 2015/11/10 5:59 p.m. | 19 views

CVE-2015-7991

The Web Dispatcher service in SAP HANA DB 1.00.73.00.389160 (NewDB100REL) allows remote attackers to read web dispatcher and security trace files and possibly obtain passwords via unspecified vectors, aka SAP Security Note 2148854...

5 CVSS | 6.8 AI score | 0.01808 EPSS
Exploits 0 | References 3
NVD
added 2015/11/10 5:59 p.m. | 20 views

CVE-2015-7828

SAP HANA Database 1.00 SPS10 and earlier do not require authentication, which allows remote attackers to execute arbitrary code or have unspecified other impact via a TrexNet packet to the (1) fcopydir, (2) fmkdir, (3) frmdir, (4) getenv, (5) dumpenv, (6) fcopy, (7) fput, (8) fdel, (9) fmove, (10) fget, (11) fappend, ...

10 CVSS | 8 AI score | 0.06547 EPSS
Exploits 0 | References 3
ATTACKERKB
added 2015/11/10 5:59 p.m. | 2 views

CVE-2015-7994

The SQL interface in SAP HANA DB 1.00.73.00.389160 (NewDB100REL) allows remote attackers to execute arbitrary code via unspecified vectors related to "SQL Login," aka SAP Security Note 2197428...

7.5 CVSS | 6.4 AI score | 0.03427 EPSS
Exploits 0 | References 5
Prion
added 2015/11/10 5:59 p.m. | 18 views

Design/Logic Flaw

The Web Dispatcher service in SAP HANA DB 1.00.73.00.389160 (NewDB100REL) allows remote attackers to read web dispatcher and security trace files and possibly obtain passwords via unspecified vectors, aka SAP Security Note 2148854...

5 CVSS | 7.3 AI score | 0.01808 EPSS
Exploits 0 | References 3 | Affected Software 1
Prion
added 2015/11/10 5:59 p.m. | 18 views

Design/Logic Flaw

The Extended Application Services (aka XS or XS Engine) in SAP HANA DB 1.00.73.00.389160 (NewDB100REL) allows remote attackers to execute arbitrary code via unspecified vectors related to "HTTP Login," aka SAP Security Note 2197397...

7.5 CVSS | 8.3 AI score | 0.03715 EPSS
Exploits 0 | References 4 | Affected Software 1
Prion
added 2015/11/10 5:59 p.m. | 17 views

Authentication flaw

SAP HANA Database 1.00 SPS10 and earlier do not require authentication, which allows remote attackers to execute arbitrary code or have unspecified other impact via a TrexNet packet to the (1) fcopydir, (2) fmkdir, (3) frmdir, (4) getenv, (5) dumpenv, (6) fcopy, (7) fput, (8) fdel, (9) fmove, (10) fget, (11) fappend, ...

10 CVSS | 8.7 AI score | 0.06547 EPSS
Exploits 0 | References 3 | Affected Software 1