Lucene search
K

770 matches found

erpscan
erpscan
added 2015/04/12 12:0 a.m.38 views

SAP JAVA AS jstart - DoS vulnerability

Application: SAP JAVA AS Versions Affected: SAP JAVA AS 7.2 – 7.4 Vendor URL: SAP Bugs: Denial of Service Reported: 04.12.2015 Vendor response: 05.12.2015 Date of Public Advisory: 14.03.2016 Reference: SAP Security Note 2259547 Author: Dmitry Yudin ERPScan @ret5et Vulnerability Information Class:...

5CVSS0.1AI score0.07075EPSS
Exploits0
NVD
NVD
added 2015/04/01 2:59 p.m.20 views

CVE-2015-2820

Buffer overflow in XcListener in SAP Afaria 7.0.6001.5 allows remote attackers to cause a denial of service process termination via a crafted request, aka SAP Security Note 2132584...

5CVSS6.6AI score0.03604EPSS
Exploits0References5
NVD
NVD
added 2015/04/01 2:59 p.m.14 views

CVE-2015-2819

SAP Sybase SQL Anywhere 11 and 16 allows remote attackers to cause a denial of service crash via a crafted request, aka SAP Security Note 2108161...

5CVSS7AI score0.02444EPSS
Exploits0References5
NVD
NVD
added 2015/04/01 2:59 p.m.19 views

CVE-2015-2818

XML external entity XXE vulnerability in SAP Mobile Platform 3 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2125513...

5CVSS6.6AI score0.01135EPSS
Exploits0References2
NVD
NVD
added 2015/04/01 2:59 p.m.29 views

CVE-2015-2817

The SAP Management Console in SAP NetWeaver 7.40 allows remote attackers to obtain sensitive information via the ReadProfile parameters, aka SAP Security Note 2091768...

5CVSS6.1AI score0.02395EPSS
Exploits0References5
NVD
NVD
added 2015/04/01 2:59 p.m.15 views

CVE-2015-2816

The XcListener in SAP Afaria 7.0.6001.5 does not properly restrict access, which allows remote attackers to have unspecified impact via a crafted request, aka SAP Security Note 2134905...

7.5CVSS6.8AI score0.02582EPSS
Exploits0References5
NVD
NVD
added 2015/04/01 2:59 p.m.13 views

CVE-2015-2814

SAP EMR Unwired com.sap.mobile.healthcare.emr.v2 and Clinical Task Tracker com.sap.mobile.healthcare.ctt does not properly restrict access, which allows remote attackers to change the backendurl, clientid, ssourl, and infopageurl settings via unspecified vectors, aka SAP Security Note 2117079...

6.4CVSS6.7AI score0.01209EPSS
Exploits0References2
NVD
NVD
added 2015/04/01 2:59 p.m.19 views

CVE-2015-2813

XML external entity XXE vulnerability in SAP Mobile Platform allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2125358...

5CVSS6.5AI score0.01642EPSS
Exploits0References5
NVD
NVD
added 2015/04/01 2:59 p.m.26 views

CVE-2015-2812

XML external entity XXE vulnerability in XMLValidationComponent in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2093966...

5CVSS6.5AI score0.02503EPSS
Exploits0References4
Prion
Prion
added 2015/04/01 2:59 p.m.15 views

Xxe

XML external entity XXE vulnerability in SAP Mobile Platform 3 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2125513...

5CVSS7.2AI score0.01135EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2015/04/01 2:59 p.m.15 views

Xxe

XML external entity XXE vulnerability in ReportXmlViewer in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2111939...

5CVSS7.1AI score0.02397EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2015/04/01 2:59 p.m.13 views

Code injection

SAP EMR Unwired com.sap.mobile.healthcare.emr.v2 and Clinical Task Tracker com.sap.mobile.healthcare.ctt does not properly restrict access, which allows remote attackers to change the backendurl, clientid, ssourl, and infopageurl settings via unspecified vectors, aka SAP Security Note 2117079...

6.4CVSS7.2AI score0.01209EPSS
Exploits0References2
Prion
Prion
added 2015/04/01 2:59 p.m.16 views

Xxe

XML external entity XXE vulnerability in SAP Mobile Platform allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2125358...

5CVSS7.1AI score0.01642EPSS
Exploits0References5
Prion
Prion
added 2015/04/01 2:59 p.m.19 views

Buffer overflow

Buffer overflow in XcListener in SAP Afaria 7.0.6001.5 allows remote attackers to cause a denial of service process termination via a crafted request, aka SAP Security Note 2132584...

5CVSS7.3AI score0.03604EPSS
Exploits0References5Affected Software1
Prion
Prion
added 2015/04/01 2:59 p.m.15 views

Design/Logic Flaw

SAP Sybase SQL Anywhere 11 and 16 allows remote attackers to cause a denial of service crash via a crafted request, aka SAP Security Note 2108161...

5CVSS7.7AI score0.02444EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2015/04/01 2:0 p.m.36 views

CVE-2015-2815

Buffer overflow in the CSAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 7000.52.12.34966 and 7.40 7400.12.21.30308 allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, aka SAP Security Note 2063369...

7.8AI score0.03704EPSS
Exploits0References5
Cvelist
Cvelist
added 2015/04/01 2:0 p.m.31 views

CVE-2015-2812

XML external entity XXE vulnerability in XMLValidationComponent in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2093966...

6.5AI score0.02503EPSS
Exploits0References4
Cvelist
Cvelist
added 2015/04/01 2:0 p.m.32 views

CVE-2015-2817

The SAP Management Console in SAP NetWeaver 7.40 allows remote attackers to obtain sensitive information via the ReadProfile parameters, aka SAP Security Note 2091768...

6AI score0.02395EPSS
Exploits0References5
Cvelist
Cvelist
added 2015/04/01 2:0 p.m.20 views

CVE-2015-2818

XML external entity XXE vulnerability in SAP Mobile Platform 3 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2125513...

6.6AI score0.01135EPSS
Exploits0References2
CVE
CVE
added 2015/04/01 2:0 p.m.57 views

CVE-2015-2819

CVE-2015-2819 affects SAP Sybase SQL Anywhere 11 and 16. An anonymous, remotely exploitable DoS can be triggered by a crafted request, crashing the server. ERPScan’s advisory (ERPSCAN-15-010) and SAP Security Note 2108161 describe the vulnerability and remediation. A PoC is included in the adviso...

5CVSS9AI score0.02444EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder