Netweaver@7.5 Security Vulnerabilities and Issues — Netweaver@7.5 CVE List

Lucene search

SapNetweaver7.5

4 matches found

CVE•added 2025/05/13 1:15 a.m.•209 views

CVE-2025-42999

SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system.

9.1CVSS9.2AI score0.1876EPSS

CVE•added 2019/01/08 8:29 p.m.•52 views

CVE-2019-0248

Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7.5, 7.51, 7.52, 7.53; SAP_BASIS 7.5) allows an attacker to access information which would otherwise be restricted.

5.9CVSS5.5AI score0.00386EPSS

CVE•added 2017/04/10 3:59 p.m.•35 views

CVE-2016-10311

Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238.

9.8CVSS9.3AI score0.04067EPSS

CVE•added 2024/04/09 1:15 a.m.•28 views

CVE-2024-27898

SAP NetWeaver application, due to insufficient input validation, allows an attacker to send a crafted request from a vulnerable web application targeting internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request For...

5.3CVSS5.2AI score0.00162EPSS