Filtered by vendor Sap
Subscriptions
Filtered by product Netweaver
Subscriptions
Total
98 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2012-2512 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
The DiagTraceStreamI function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. | ||||
CVE-2012-2513 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
The Diaginput function in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2 allows remote attackers to cause a denial of service (daemon crash) via a crafted SAP Diag packet. | ||||
CVE-2012-1289 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
Multiple directory traversal vulnerabilities in SAP NetWeaver 7.0 allow remote authenticated users to read arbitrary files via a .. (dot dot) in the logfilename parameter to (1) b2b/admin/log.jsp or (2) b2b/admin/log_view.jsp in the Internet Sales (crm.b2b) component, or (3) ipc/admin/log.jsp or (4) ipc/admin/log_view.jsp in the Application Administration (com.sap.ipc.webapp.ipc) component. | ||||
CVE-2013-7094 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
CVE-2013-6869 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | ||||
CVE-2013-6821 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
Directory traversal vulnerability in the Exportability Check Service in SAP NetWeaver allows remote attackers to read arbitrary files via unspecified vectors. | ||||
CVE-2013-6822 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
GRMGApp in SAP NetWeaver allows remote attackers to have unspecified impact and attack vectors, related to an XML External Entity (XXE) issue. | ||||
CVE-2013-6823 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
GRMGApp in SAP NetWeaver allows remote attackers to bypass intended access restrictions via unspecified vectors. | ||||
CVE-2013-6816 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in the (1) JavaDumpService and (2) DataCollector servlets in SAP NetWeaver allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2013-6814 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
The J2EE Engine in SAP NetWeaver 6.40, 7.02, and earlier allows remote attackers to redirect users to arbitrary web sites, conduct phishing attacks, and obtain sensitive information (cookies and SAPPASSPORT) via unspecified vectors. | ||||
CVE-2013-6815 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and earlier allows remote attackers to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue. | ||||
CVE-2013-6819 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
Cross-site scripting (XSS) vulnerability in Performance Provider in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
CVE-2013-5751 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors. | ||||
CVE-2013-5723 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "ABAD0_DELETE_DERIVATION_TABLE." | ||||
CVE-2013-3319 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
The GetComputerSystem method in the HostControl service in SAP Netweaver 7.03 allows remote attackers to obtain sensitive information via a crafted SOAP request to TCP port 1128. | ||||
CVE-2013-3243 | 2 Opentext, Sap | 2 Opentext\/ixos Ecm For Sap Netweaver, Netweaver | 2024-08-06 | N/A |
Unspecified vulnerability in OpenText/IXOS ECM for SAP NetWeaver allows remote attackers to execute arbitrary ABAP code via unknown vectors. | ||||
CVE-2013-1593 | 1 Sap | 1 Netweaver | 2024-08-06 | 7.5 High |
A Denial of Service vulnerability exists in the WRITE_C function in the msg_server.exe module in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04 when sending a crafted SAP Message Server packet to TCP ports 36NN and/or 39NN. | ||||
CVE-2013-1592 | 1 Sap | 1 Netweaver | 2024-08-06 | 9.8 Critical |
A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code. | ||||
CVE-2014-8592 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via a crafted request. | ||||
CVE-2014-8591 | 1 Sap | 1 Netweaver | 2024-08-06 | N/A |
Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via unknown vectors. |