| CVE-2017-16684 |
critical |
9.8 |
9.8 |
|
|
sap |
9y ago |
SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity. |
| CVE-2017-15295 |
critical |
9.8 |
9.8 |
|
|
sap |
9y ago |
Xpress Server in SAP POS does not require authentication for read/write/delete file access. This is SAP Security Note 2520064. |
| CVE-2017-15293 |
critical |
9.8 |
9.8 |
|
|
sap |
9y ago |
Xpress Server in SAP POS does not require authentication for file read and erase operations, daemon shutdown, terminal read operations, or certain attacks on credentials. This is SAP Security Note 25… |
| CVE-2015-7241 |
critical |
9.8 |
10.0 |
EXP |
|
sap |
9y ago |
XML External Entity (XXE) vulnerability in SAP Netweaver before 7.01. |
| CVE-2017-11459 |
critical |
9.8 |
9.8 |
|
|
sap |
9y ago |
SAP TREX 7.10 allows remote attackers to (1) read arbitrary files via an fget command or (2) write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Not… |
| CVE-2017-9843 |
low |
2.7 |
2.7 |
|
|
sap |
9y ago |
SAP NetWeaver AS ABAP 7.40 allows remote authenticated users with certain privileges to cause a denial of service (process crash) via vectors involving disp+work.exe, aka SAP Security Note 2406841. |
| CVE-2016-6256 |
critical |
9.6 |
10.0 |
EXP |
|
sap |
9y ago |
SAP Business One for Android 1.2.3 allows remote attackers to conduct XML External Entity (XXE) attacks via crafted XML data in a request to B1iXcellerator/exec/soap/vP.001sap0003.in_WCSX/com.sap.b1i… |
| CVE-2016-6818 |
critical |
9.8 |
9.8 |
|
|
sap |
9y ago |
SQL injection vulnerability in SAP Business Intelligence platform before January 2017 allows remote attackers to obtain sensitive information, modify data, cause a denial of service (data deletion), … |
| CVE-2016-6143 |
critical |
9.8 |
9.8 |
|
|
sap |
9y ago |
SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806. |
| CVE-2017-7691 |
critical |
9.8 |
9.8 |
|
|
sap |
9y ago |
A code injection vulnerability exists in SAP TREX / Business Warehouse Accelerator (BWA). The vendor response is SAP Security Note 2419592. |
| CVE-2016-10311 |
critical |
9.8 |
9.8 |
|
|
sap |
9y ago |
Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238. |
| CVE-2017-6950 |
critical |
9.8 |
9.8 |
|
|
sap |
9y ago |
SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions and execute arbitrary code via a crafted ABAP code, aka SAP Security Note 2407616. |
| CVE-2016-7437 |
low |
3.3 |
3.3 |
|
|
sap |
10y ago |
SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks … |
| CVE-2016-7435 |
critical |
9.1 |
9.1 |
|
|
sap |
10y ago |
The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with cer… |
| CVE-2016-6137 |
critical |
9.8 |
9.8 |
|
|
sap |
10y ago |
An unspecified function in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands via unknown vectors, aka SAP Security Note 2203591. |
| CVE-2016-6150 |
critical |
9.8 |
9.8 |
|
|
sap |
10y ago |
The multi-tenant database container feature in SAP HANA does not properly encrypt communications, which allows remote attackers to bypass intended access restrictions and possibly have unspecified ot… |
| CVE-2016-6147 |
critical |
9.8 |
9.8 |
|
|
sap |
10y ago |
An unspecified interface in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands with SIDadm privileges via unspecified vectors, aka SAP Security Note 2234226. |
| CVE-2016-6140 |
critical |
9.8 |
9.8 |
|
|
sap |
10y ago |
SAP TREX 7.10 Revision 63 allows remote attackers to write to arbitrary files via vectors related to RFC-Gateway, aka SAP Security Note 2203591. |
| CVE-2016-6139 |
critical |
9.8 |
9.8 |
|
|
sap |
10y ago |
SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591. |
| CVE-2016-6138 |
critical |
9.8 |
9.8 |
|
|
sap |
10y ago |
Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591. |
| CVE-2016-3974 |
critical |
9.1 |
10.0 |
EXP |
|
sap |
10y ago |
XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access… |
| CVE-2016-1929 |
critical |
9.3 |
9.3 |
|
|
sap |
11y ago |
The XS engine in SAP HANA allows remote attackers to spoof log entries in trace files and consequently cause a denial of service (disk consumption and process crash) via a crafted HTTP request, relat… |
| CVE-2016-1928 |
critical |
9.8 |
9.8 |
|
|
sap |
11y ago |
Buffer overflow in the XS engine (hdbxsengine) in SAP HANA allows remote attackers to cause a denial of service or execute arbitrary code via a crafted HTTP request, related to JSON, aka SAP Security… |
| CVE-2015-8753 |
critical |
9.1 |
9.1 |
|
|
sap |
11y ago |
SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to "Insecure signature," aka SAP Security Note 2134905. |
| CVE-2015-7828 |
critical |
— |
10.0 |
|
|
sap |
11y ago |
SAP HANA Database 1.00 SPS10 and earlier do not require authentication, which allows remote attackers to execute arbitrary code or have unspecified other impact via a TrexNet packet to the (1) fcopyd… |
| CVE-2015-7730 |
critical |
— |
10.0 |
|
|
sap |
11y ago |
SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote attackers to cause a denial of service (out-of-bounds read and listener crash) via a c… |
| CVE-2015-7728 |
low |
— |
3.5 |
|
|
sap |
11y ago |
Cross-site scripting (XSS) vulnerability in user creation in the Web-based Development Workbench in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to inject arbitrary … |
| CVE-2015-7726 |
low |
— |
3.5 |
|
|
sap |
11y ago |
Cross-site scripting (XSS) vulnerability in role deletion in the Web-based Development Workbench in SAP HANA DB 1.00.091.00.1418659308 allows remote authenticated users to inject arbitrary web script… |
| CVE-2015-3621 |
critical |
— |
9.3 |
|
|
sap |
11y ago |
Untrusted search path vulnerability in SAP Enterprise Central Component (ECC) allows local users to gain privileges via a Trojan horse program. |
| CVE-2015-3978 |
low |
— |
2.1 |
|
|
sap |
11y ago |
SAP Sybase Unwired Platform Online Data Proxy allows local users to obtain usernames and passwords via the DataVault, aka SAP Security Note 2094830. |
| CVE-2015-1311 |
critical |
— |
10.0 |
|
|
sap |
12y ago |
The Extended Application Services (XS) in SAP HANA allows remote attackers to inject arbitrary ABAP code via unspecified vectors, aka SAP Note 2098906. NOTE: the provenance of this information is un… |
| CVE-2014-9387 |
critical |
— |
10.0 |
|
|
sap |
12y ago |
SAP BusinessObjects Edge 4.1 allows remote attackers to obtain the SI_PLATFORM_SEARCH_SERVER_LOGON_TOKEN token and gain privileges via a crafted CORBA call, aka SAP Note 2039905. |
| CVE-2013-3678 |
critical |
— |
9.0 |
|
|
sap |
12y ago |
Multiple unspecified vulnerabilities in SAP Governance, Risk, and Compliance (GRC) allow remote authenticated users to gain privileges and execute arbitrary programs via a crafted (1) RFC or (2) SOAP… |
| CVE-2014-8669 |
critical |
— |
10.0 |
|
|
sap |
12y ago |
The SAP Promotion Guidelines (CRM-MKT-MPL-TPM-PPG) module for SAP CRM allows remote attackers to execute arbitrary code via unspecified vectors. |
| CVE-2014-8661 |
critical |
— |
10.0 |
|
|
sap |
12y ago |
The SAP CRM Internet Sales module allows remote attackers to execute arbitrary commands via unspecified vectors. |
| CVE-2014-8312 |
low |
— |
3.5 |
|
|
sap |
12y ago |
Business Warehouse (BW) in SAP Netweaver AS ABAP 7.31 allows remote authenticated users to obtain sensitive information via a request to the RSDU_CCMS_GET_PROFILE_PARAM RFC function. |
| CVE-2014-8311 |
low |
— |
3.5 |
|
|
sap |
12y ago |
SAP BusinessObjects Edge 4.0 allows remote attackers to obtain sensitive information via an InfoStore query to a CORBA listener. |
| CVE-2014-5174 |
low |
— |
3.5 |
|
|
sap |
12y ago |
The SAP Netweaver Business Warehouse component does not properly restrict access to the functions in the BW-SYS-DB-DB4 function group, which allows remote authenticated users to obtain sensitive info… |
| CVE-2014-5171 |
low |
— |
2.9 |
|
|
sap |
12y ago |
SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and othe… |
| CVE-2013-7095 |
critical |
— |
10.0 |
|
|
sap |
13y ago |
The XML parser (crm_flex_data) in SAP Customer Relationship Management (CRM) 7.02 EHP 2 has unknown impact and attack vectors related to an XML External Entity (XXE) issue. |
| CVE-2013-6822 |
critical |
— |
10.0 |
|
|
sap |
13y ago |
GRMGApp in SAP NetWeaver allows remote attackers to have unspecified impact and attack vectors, related to an XML External Entity (XXE) issue. |
| CVE-2013-6820 |
critical |
— |
9.3 |
|
|
sap |
13y ago |
Unrestricted file upload vulnerability in the SAP NetWeaver Development Infrastructure (NWDI) allows remote attackers to execute arbitrary code by uploading a file with an executable extension via un… |
| CVE-2012-4341 |
critical |
— |
10.0 |
|
|
sap |
14y ago |
Multiple stack-based buffer overflows in msg_server.exe in SAP NetWeaver ABAP 7.x allow remote attackers to cause a denial of service (crash) and execute arbitrary code via a (1) long parameter value… |
| CVE-2012-2611 |
critical |
— |
10.0 |
EXP |
|
sap |
14y ago |
The DiagTraceR3Info function in the Dialog processor in disp+work.exe 7010.29.15.58313 and 7200.70.18.23869 in the Dispatcher in SAP NetWeaver 7.0 EHP1 and EHP2, when a certain Developer Trace config… |
| CVE-2010-2590 |
critical |
— |
10.0 |
EXP |
|
sap |
16y ago |
Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl.1 ActiveX control in PrintControl.dll 12.3.2.753 in SAP Crystal Reports 2008 SP3 Fix Pack 3.2 allows remote attackers to execute… |
| CVE-2010-4556 |
critical |
— |
9.3 |
|
|
sap |
16y ago |
Stack-based buffer overflow in the SapThemeRepository ActiveX control (sapwdpcd.dll) in SAP NetWeaver Business Client allows remote attackers to execute arbitrary code via the (1) Load and (2) LoadTh… |
| CVE-2010-3983 |
critical |
— |
9.0 |
|
|
sap |
16y ago |
CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges via vectors involving the Program Job Server and the Program Login property. |
| CVE-2010-0219 |
critical |
— |
10.0 |
EXP |
|
apachesap |
16y ago |
Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier … |
| CVE-2009-4988 |
critical |
— |
10.0 |
EXP |
|
sap |
16y ago |
Stack-based buffer overflow in NT_Naming_Service.exe in SAP Business One 2005 A 6.80.123 and 6.80.320 allows remote attackers to execute arbitrary code via a long GIOP request to TCP port 30000. |
| CVE-2010-3032 |
critical |
— |
10.0 |
|
|
sap |
16y ago |
Integer overflow in the OBGIOPServerWorker::extractHeader function in the ebus-3-3-2-6.dll module in SAP Crystal Reports 2008 allows remote attackers to cause a denial of service (crash) and possibly… |
| CVE-2010-1185 |
critical |
— |
10.0 |
EXP |
|
sap |
16y ago |
Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 through 7.6.06 allows remote attackers to execute arbitrary code via an invalid length parameter in a handshake packet to T… |
