769 matches found
SAP Security Note 1908562 - Port scanning in BusinessObjects Explorer
COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: BusinessObjects Explorer Vendor: SAP AG Subject: Potential information disclosure relating to SBOP Explorer Risk: Medium Effect: Remotely exploitable Author: Stefan Horlacher Date: 2014-10-10 SAP Security Note:...
SAP BusinessObjects Explorer 14.0.5 Information Disclosure
COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: BusinessObjects Explorer Vendor: SAP AG Subject: Potential information disclosure relating to SBOP Explorer Risk: Medium Effect: Remotely exploitable Author: Stefan Horlacher Date: 2014-10-10 SAP Security Note:...
Sybase SQL Anywhere 11 and 16 - DoS
Application: Sybase SQL Anywhere 11 and 16 Vendor URL: Bugs: DoS Reported: 09.12.2014 Vendor response: 10.12.2014 Date of Public Advisory: 15.03.2015 Reference: SAP Security Note 2108161 Authors: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: DoS CWE-122 Impact: DoS Remotely Exploitabl...
SAP HANA metadata.xsjs - SQL injection
Application: SAP HANA Versions Affected: 1.00.60.379371 Vendor URL: http://www.sap.com Bugs: SQL injection Exploits: YES Reported: 09.04.2014 Vendor response: 10.04.2014 Date of Public Advisory: 17.10.2014 Reference: SAP Security Note 2067972 Author: Dmitry Chastukhin ERPScan Description SQL...
SAP HANA Application Lifecycle manager - CSRF token bypass (Verb tampering)
Application: SAP HANA Versions Affected: 1.00.60.379371 Vendor URL: http://www.sap.com Bugs: CSRF token bypass Verb tampering Reported: 09.04.2014 Vendor response: 10.04.2014 Date of Public Advisory: 21.08.2014 Reference: SAP Security Note 2011169 Author: Dmitry Chastukhin ERPScan Description It ...
SAP Kernel - RCE, DoS
Application: SAP NetWeaver Dispatcher Versions Affected: SAP Kernel 7.00 32BIT, 7.40 64BIT Vendor URL: http://www.sap.com Bugs: Buffer Overflow – RCE, DoS Exploits: YES Reported: 25.08.2014 Vendor response: 25.08.2014 Date of Public Advisory: 15.12.2014 Reference: SAP Security Note 2059734 Author...
SAP Kernel - RCE and DoS vulnerability
Application: SAP NetWeaver Dispatcher Versions Affected: SAP Kernel 7.00 32BIT, 7.40 64BIT Vendor URL: http://www.sap.com Vulnerability: Buffer Overflow – RCE, Denial of Service Exploits: YES Reported: 25.08.2014 Vendor response: 25.08.2014 Date of Public Advisory: 15.12.2014 Reference: SAP...
SAPKERNEL C_SAPGPARAM - RCE, DoS
Application: SAP NetWeaver Dispatcher Versions Affected: SAP KERNEL 7.00 32BIT, disp+work.exe 7000.52.12.34966, SAP KERNEL 7.40 64BIT, disp+work.exe 7400.12.21.30308 Vendor URL: http://www.sap.com Bugs: Buffer Overflow Reported: 17.08.2014 Vendor response: 18.08.2014 Date of Public Advisory:...
SAP Netweaver Message Server Multiple Vulnerabilities
No description provided by source. 1. Advisory Information Title: SAP Netweaver Message Server Multiple Vulnerabilities Advisory ID: CORE-2012-1128 Advisory URL: http://www.coresecurity.com/content/SAP-netweaver-msg-srv-multiple-vulnerabilities Date published: 2013-02-13 Date of last update:...
SAP Netweaver Dispatcher Multiple Vulnerabilities
No description provided by source. Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ SAP Netweaver Dispatcher Multiple Vulnerabilities 1. Advisory Information Title: SAP Netweaver Dispatcher Multiple Vulnerabilities Advisory ID: CORE-2012-0123 Advisory URL:...
Joomla XCloner Component (com_xcloner-backupandrestore) Remote Command Execution
No description provided by source. !/usr/bin/python Joomla component comxcloner-backupandrestore remote code execution exploit Vendor: http://www.xcloner.com/ Our true divinity is in our ability to create. And armed with the understanding of the symbiotic connections of life, while being guided b...
SAP NetWeaver AS Java CIM UPLOAD - XXE
Application: SAP NetWeaver AS Java Vendor URL: http://www.sap.com Bugs: XML External Entity Reported: 16.06.2014 Vendor response: 17.06.2014 Date of Public Advisory: 18.05.2015 Reference: SAP Security Note 2090851 Authors: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION Class: XML External...
SAP Management Console ReadProfile Parameters - Information disclosure
Application: SAP NetWeaver 7.40 Vendor URL: http://www.sap.com Bugs: Information disclosure Reported: 06.11.2014 Vendor response: 07.11.2014 Date of Public Advisory: 15.03.2015 Reference: SAP Security Note 2091768 Authors: Dmitry Chastukhin ERPScan VULNERABILITY INFORMATION Class: Information...
SAP Mobile Platform - XXE
Application: Mobile Platform Vendor URL: http://www.sap.com Bugs: XML External Entity Reported: 06.11.2014 Vendor response: 07.11.2014 Date of Public Advisory: 15.02.2015 Reference: SAP Security Note 2125358 Authors: Dmitry Chastukhin ERPScan VULNERABILITY INFORMATION Class: XML External Entity...
SAP NetWeaver - Hardcoded Credentials
Application: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: Hardcoded credentials Reported: 06.03.2014 Vendor response: 07.03.2014 Date of Public Advisory: 15.06.2015 Reference: SAP Security Note 2057982 Authors: Rustem Gazizov, Diana Grigorieva ERPScan VULNERABILITY INFORMATION Class:...
SAP NetWeaver - Hardcoded credentials
Application: SAP NetWeaver Vendor URL: http://www.sap.com Bugs: Hardcoded credentials Reported: 06.03.2014 Vendor response: 07.03.2014 Date of Public Advisory: 15.06.2015 Reference: SAP Security Note 2059659 Authors: Rustem Gazizov, Diana Grigorieva ERPScan VULNERABILITY INFORMATION Class:...
SAP NetWeaver Dispatcher Multiple Vulnerabilities - RCE, DoS
Application: SAP NetWeaver Dispatcher Versions Affected: SAP KERNEL 7.00 32BIT, disp+work.exe 7000.52.12.34966 Vendor URL: http://www.sap.com Bugs: Buffer overflow CWE-119, Integer overflow CWE-190, Improper Input Validation CWE-20 CVSS: AV:N/AC:H/Au:S/C:C/I:C/A:C 7.1 Exploits: PoC Reported:...
SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS
Application: SAP NetWeaver Dispatcher Versions Affected: SAP KERNEL 7.00 32BIT, disp+work.exe 7000.52.12.34966 SAP KERNEL 7.20 64BIT, disp+work.exe 7200.117.19.50294 Vendor URL: Bugs: Buffer overflow CWE-119 CVSS according to ERPScan: AV:N/AC:H/Au:S/C:C/I:C/A:C 7.1 CVSS according to SAP:...
UBUNTU-CVE-2013-5704
The modheaders module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."...
Microsoft Internet Explorer Version Detection
The remote Windows host contains Internet Explorer, a web browser created by Microsoft. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid72367; scriptversion"1.7"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/02/01"; scriptxrefname:"IAVT",...