| CVE-2015-7241 |
critical |
9.8 |
10.0 |
EXP |
|
sap |
9y ago |
XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01. |
| CVE-2016-6256 |
critical |
9.6 |
10.0 |
EXP |
|
sap |
9y ago |
SAP Business One for Android 1.2.3 allows remote attackers to conduct XML External Entity (XXE) attacks via crafted XML data in a request to B1iXcellerator/exec/soap/vP.001sap0003.in_WCSX/com.sap.b1i… |
| CVE-2016-3974 |
critical |
9.1 |
10.0 |
EXP |
|
sap |
10y ago |
XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access… |
| CVE-2012-2611 |
critical |
— |
10.0 |
EXP |
|
sap |
14y ago |
The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace config… |
| CVE-2010-2590 |
critical |
— |
10.0 |
EXP |
|
sap |
16y ago |
Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl.1 ActiveX control in PrintControl.dll 12.3.2.753 in SAP Crystal Reports 2008 SP3 Fix Pack 3.2 allows remote attackers to execute… |
| CVE-2010-0219 |
critical |
— |
10.0 |
EXP |
|
apachesap |
16y ago |
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier … |
| CVE-2009-4988 |
critical |
— |
10.0 |
EXP |
|
sap |
16y ago |
Stack-based buffer overflow in NT_Naming_Service.exe in SAP Business One 2005 A 6.80.123 and 6.80.320 allows remote attackers to execute arbitrary code via a long GIOP request to TCP port 30000. |
| CVE-2010-1185 |
critical |
— |
10.0 |
EXP |
|
sap |
16y ago |
Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 through 7.6.06 allows remote attackers to execute arbitrary code via an invalid length parameter in a handshake packet to T… |
