Lucene search

K

8 matches found

CVE
CVE
added 2020/01/23 7:15 p.m.131 views

CVE-2013-1592

A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user ex...

10CVSS9.5AI score0.68888EPSS
CVE
CVE
added 2013/11/20 2:12 p.m.90 views

CVE-2013-6815

The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and earlier allows remote attackers to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue.

5CVSS6.9AI score0.00704EPSS
CVE
CVE
added 2013/02/12 8:55 p.m.66 views

CVE-2011-5263

Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in SAP NetWeaver 7.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the server parameter.

4.3CVSS5.9AI score0.00475EPSS
CVE
CVE
added 2013/10/24 12:55 a.m.66 views

CVE-2013-6244

The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML document containing an external entity declaration in conjunction with an entity reference, related to ...

5CVSS7AI score0.00718EPSS
CVE
CVE
added 2020/01/23 8:15 p.m.54 views

CVE-2013-1593

A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN.

7.5CVSS7.6AI score0.02657EPSS
CVE
CVE
added 2014/05/19 2:55 p.m.53 views

CVE-2014-3787

SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors.

5CVSS6.9AI score0.00319EPSS
CVE
CVE
added 2014/02/14 3:55 p.m.41 views

CVE-2014-1965

Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP.

4.3CVSS5.8AI score0.00329EPSS
CVE
CVE
added 2013/09/16 7:14 p.m.33 views

CVE-2013-5751

Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.

5CVSS6.9AI score0.00504EPSS