Lucene search

K

7 matches found

CVE
CVE
added 2018/01/09 3:29 p.m.42 views

CVE-2018-2363

SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice. A malicious user can therefore control the behaviour of the system or can potentially escalate privileges by exec...

8.8CVSS9AI score0.0074EPSS
CVE
CVE
added 2018/09/11 3:29 p.m.37 views

CVE-2018-2464

SAP WebDynpro Java, versions 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in a stored Cross-Site Scripting (XSS) vulnerability.

6.1CVSS5.9AI score0.00418EPSS
CVE
CVE
added 2018/07/10 6:29 p.m.36 views

CVE-2018-2434

A content spoofing vulnerability in the following components allows to render html pages containing arbitrary plain text content, which might fool an end user: UI add-on for SAP NetWeaver (UI_Infra, 1.0), SAP UI Implementation for Decoupled Innovations (UI_700, 2.0): SAP NetWeaver 7.00 Implementati...

4.3CVSS4.7AI score0.00137EPSS
CVE
CVE
added 2018/11/13 8:29 p.m.36 views

CVE-2018-2476

Due to insufficient URL Validation in forums in SAP NetWeaver versions 7.30, 7.31, 7.40, an attacker can redirect users to a malicious site.

6.1CVSS6.1AI score0.00217EPSS
CVE
CVE
added 2018/10/09 1:29 p.m.34 views

CVE-2018-2470

In SAP NetWeaver Application Server for ABAP, from 7.0 to 7.02, 7.30, 7.31, 7.40 and from 7.50 to 7.53, applications do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

6.1CVSS6AI score0.00434EPSS
CVE
CVE
added 2018/11/13 8:29 p.m.33 views

CVE-2018-2477

Knowledge Management (XMLForms) in SAP NetWeaver, versions 7.30, 7.31, 7.40 and 7.50 does not sufficiently validate an XML document accepted from an untrusted source.

8.8CVSS8.6AI score0.00854EPSS
CVE
CVE
added 2018/09/11 3:29 p.m.31 views

CVE-2018-2462

In certain cases, BEx Web Java Runtime Export Web Service in SAP NetWeaver BI 7.30, 7.31. 7.40, 7.41, 7.50, does not sufficiently validate an XML document accepted from an untrusted source.

8.8CVSS8.6AI score0.00748EPSS