EUVD-2016-3018

Malware in sbrugna...

CVE-2016-3640

The Extended Application Services aka XS or XS Engine in SAP HANA DB 1.00.091.00.1418659308 allows local users to obtain sensitive password information via vectors related to passwords in Web Dispatcher trace files, aka SAP Security Note 2148905...

CVE-2016-3640

The SAP HANA DB vulnerability CVE-2016-3640 affects Extended Application Services (XS/XS Engine) in SAP HANA DB version 1.00.091.00.1418659308. The issue allows local users to disclose sensitive password information via vectors related to passwords in Web Dispatcher trace files (as described in S...

CVE-2016-3640

The Extended Application Services aka XS or XS Engine in SAP HANA DB 1.00.091.00.1418659308 allows local users to obtain sensitive password information via vectors related to passwords in Web Dispatcher trace files, aka SAP Security Note 2148905...

CVE-2016-1928

Buffer overflow in the XS engine hdbxsengine in SAP HANA allows remote attackers to cause a denial of service or execute arbitrary code via a crafted HTTP request, related to JSON, aka SAP Security Note 2241978...

Buffer overflow

Buffer overflow in the XS engine hdbxsengine in SAP HANA allows remote attackers to cause a denial of service or execute arbitrary code via a crafted HTTP request, related to JSON, aka SAP Security Note 2241978...

Design/Logic Flaw

The XS engine in SAP HANA allows remote attackers to spoof log entries in trace files and consequently cause a denial of service disk consumption and process crash via a crafted HTTP request, related to an unspecified debug function, aka SAP Security Note 2241978...

CVE-2016-1929

The CVE-2016-1929 vulnerability affects the SAP HANA XS engine and allows remote attackers to spoof log entries in trace files, causing denial of service (disk consumption and process crash) via a crafted HTTP request related to an unspecified debug function (SAP Security Note 2241978). No exploi...

CVE-2016-1928

Buffer overflow in the XS engine hdbxsengine in SAP HANA allows remote attackers to cause a denial of service or execute arbitrary code via a crafted HTTP request, related to JSON, aka SAP Security Note 2241978...

CVE-2016-1928

CVE-2016-1928 affects SAP HANA XS engine (hdbxsengine). A buffer overflow in the XS engine can be triggered by a crafted HTTP request (JSON-related), allowing remote attackers to cause a denial of service or execute arbitrary code. The vulnerability is associated with SAP Security Note 2241978. F...

CVE-2015-7993

The Extended Application Services aka XS or XS Engine in SAP HANA DB 1.00.73.00.389160 NewDB100REL allows remote attackers to execute arbitrary code via unspecified vectors related to "HTTP Login," aka SAP Security Note 2197397...

Design/Logic Flaw

The Extended Application Services aka XS or XS Engine in SAP HANA DB 1.00.73.00.389160 NewDB100REL allows remote attackers to execute arbitrary code via unspecified vectors related to "HTTP Login," aka SAP Security Note 2197397...

CVE-2015-7993

CVE-2015-7993 affects SAP HANA DB Extended Application Services (XS/XS Engine) in version 1.00.73.00.389160 (NewDB100_REL). The vulnerability enables remote arbitrary code execution via unspecified vectors related to HTTP Login (SAP Security Note 2197397). The connected sources confirm the affect...

CVE-2015-3994

The grant.xsfunc application in testApps/grantAccess/ in the XS Engine in SAP HANA DB 1.00.73.00.389160 NewDB100REL allows remote authenticated users to spoof log entries via a crafted request, aka SAP Security Note 2109818...

CVE-2015-3994

The grant.xsfunc application in testApps/grantAccess/ in the XS Engine in SAP HANA DB 1.00.73.00.389160 NewDB100REL allows remote authenticated users to spoof log entries via a crafted request, aka SAP Security Note 2109818...

CVE-2015-3994

CVE-2015-3994 affects SAP HANA DB (XS Engine) version 1.00.73.00.389160 (NewDB100_REL). The vulnerability resides in the grant.xsfunc application under testApps/grantAccess/, where remote authenticated attackers can spoof log entries via a crafted HTTP request. The issue is described as an improp...