Lucene search

K
SapNetweaver

5 matches found

CVE
CVE
added 2023/04/11 4:16 a.m.58 views

CVE-2023-29186

In SAP NetWeaver (BI CONT ADDON) - versions 707, 737, 747, 757, an attacker can exploit a directory traversal flaw in a report to upload and overwrite files on the SAP server. Data cannot be read but if a remote attacker has sufficient (administrative) privileges then potentially critical OS files ...

8.7CVSS6.8AI score0.23296EPSS
CVE
CVE
added 2018/01/09 3:29 p.m.41 views

CVE-2018-2363

SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice. A malicious user can therefore control the behaviour of the system or can potentially escalate privileges by exec...

8.8CVSS9AI score0.0078EPSS
CVE
CVE
added 2019/08/14 2:15 p.m.37 views

CVE-2019-0351

A remote code execution vulnerability exists in the SAP NetWeaver UDDI Server (Services Registry), versions 7.10, 7.20, 7.30, 7.31, 7.40, 7.50. Because of this, an attacker can exploit Services Registry potentially enabling them to take complete control of the product, including viewing, changing, ...

8.8CVSS8.8AI score0.02279EPSS
CVE
CVE
added 2018/11/13 8:29 p.m.33 views

CVE-2018-2477

Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, 7.40 and 7.50 does not sufficiently validate an XML document accepted from an untrusted source.

8.8CVSS8.6AI score0.00854EPSS
CVE
CVE
added 2018/09/11 3:29 p.m.31 views

CVE-2018-2462

In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source.

8.8CVSS8.6AI score0.00777EPSS