EUVD-2016-4988

Malware in sbrugna...

EUVD-2016-4989

Malware in sbrugna...

CVE-2022-22532

In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an unauthenticated attacker could submit a crafted HTTP server request which triggers improper shared memory buffer handling. This could allow the...

SAP J2EE Engine Cross-Site Scripting Vulnerability

SAP J2EE Engine is a set of runtime environments for J2EE applications. A cross-site scripting vulnerability exists in SAP J2EE Engine because SAP J2EE Engine/7.01/Fiori fails to validate or filter user input data, resulting in cross-site scripting in the "ctcprotocol" protocol implementation,...

XSS in CRM (Administration Console, Java)

Application: SAP Java CRM Versions Affected: SAP Java CRM 700-754 Vendor URL: SAP Bug: XSS Reported: 20.06.2017 Vendor response: 21.06.2017 Date of Public Advisory: 11.07.2017 Reference: SAP Security Note 2478964 Author: Vladimir Egorov ERPScan VULNERABILITY INFORMATION Class: XSS Risk: Medium...

CVE-2016-3980

The Java Startup Framework aka jstart in SAP JAVA AS 7.2 through 7.4 allows remote attackers to cause a denial of service process crash via a crafted HTTP request, aka SAP Security Note 2259547...

CVE-2016-3980

The Java Startup Framework aka jstart in SAP JAVA AS 7.2 through 7.4 allows remote attackers to cause a denial of service process crash via a crafted HTTP request, aka SAP Security Note 2259547...

CVE-2016-3980

The Java Startup Framework aka jstart in SAP JAVA AS 7.2 through 7.4 allows remote attackers to cause a denial of service process crash via a crafted HTTP request, aka SAP Security Note 2259547...

CVE-2016-3979

Internet Communication Manager aka ICMAN or ICM in SAP JAVA AS 7.2 through 7.4 allows remote attackers to cause a denial of service heap memory corruption and process crash via a crafted HTTP request, related to the IctParseCookies function, aka SAP Security Note 2256185...

SAP JAVA AS jstart - DoS vulnerability

Application: SAP JAVA AS Versions Affected: SAP JAVA AS 7.2 – 7.4 Vendor URL: SAP Bugs: Denial of Service Reported: 04.12.2015 Vendor response: 05.12.2015 Date of Public Advisory: 14.03.2016 Reference: SAP Security Note 2259547 Author: Dmitry Yudin ERPScan @ret5et Vulnerability Information Class:...

SAP JAVA AS icman - DoS vulnerability

Application: SAP JAVA AS Versions Affected: SAP JAVA AS 7.2 – 7.4 Vendor URL: SAP Bugs: Denial of Service Reported: 04.12.2015 Vendor response: 05.12.2015 Date of Public Advisory: 14.03.2016 Reference: SAP Security Note 2256185 Author: Dmitry Yudin ERPScan @ret5et Vulnerability Information Class:...

CVE-2007-3496

SAP Web Dynpro Java (BC-WD-JAV) in SAP NetWeaver Nw04 SP15–SP19 and Nw04s SP7–SP11 is affected by a cross-site scripting (XSS) vulnerability that can be triggered via the User-Agent HTTP header. Affected components include SAP Java Technology Services 640 before SP20 and SAP Web Dynpro Runtime Co...