Due to improper input handling under certain conditions, SAP NetWeaver Application Server ABAP allows an attacker to inject custom Cascading Style Sheets (CSS) data into a web page served by the appl…
An OS Command Injection vulnerability exists in the SAP NetWeaver Application Server for ABAP and ABAP Platform that allows an authenticated attacker with administrative access to execute specially c…
Due to a reflected cross-site scripting (XSS) vulnerability in SAP NetWeaver Application Server ABAP (Applications based on Business Server Pages), an unauthenticated attacker could craft a URL that …
During authorization checks in SAP Human Capital Management for SAP S/4HANA, the system returns specific messages. Due to this, an authenticated user with low privileges could guess and enumerate the…
Due to an Open Redirect vulnerability in SAP NetWeaver Application Server ABAP, an unauthenticated attacker could craft malicious URL that, if accessed by a victim, they could be redirected to the pa…
Due to missing authorization checks in the SAP S/4HANA frontend OData Service (Manage Reference Structures), an attacker could update and delete child entities via exposed OData services without prop…
Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java), an unauthenticated attacker could supply crafted input that is interpreted by the application and cau…
Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function mo…
SAP NetWeaver Application Server for ABAP provides an ABAP Report for testing purposes, which allows to send HTTP requests to arbitrary internal or external endpoints. The report is therefore vulnera…
Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module and read the sensitive information from database…
Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker could execute specific ABAP function module to read, modify or insert entries into the datab…
SAP Note Assistant tool (SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31,7.40, from 7.50 to 7.52) supports upload of digitally signed note file of type 'SAR'. The digital signature verific…
The user self-service tools of SAP HANA extended application services, classic user self-service, a part of SAP HANA Database versions 1.00 and 2.00, can be misused to enumerate valid and invalid use…
Cross-Site scripting (XSS) in SAP Business Warehouse Universal Data Integration, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to insufficient encoding of user controlled inputs.
SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, and 4.30, does not perform authentication checks for functionalities that require user identity.
Denial of Service (DOS) in SAP Business Objects Platform, Enterprise 4.10 and 4.20, that could allow an attacker to prevent legitimate users from accessing a service.
Cross-Site Scripting (XSS) vulnerability in SAP Business Intelligence Promotion Management Application, Enterprise 4.10, 4.20, 4.30, as user controlled inputs are not sufficiently encoded.
Server Side Request Forgery (SSRF) vulnerability in SAP NetWeaver Knowledge Management Configuration Service, EPBC and EPBC2 from 7.00 to 7.02; KMC-BC 7.30, 7.31, 7.40 and 7.50, that allows an attack…
Xpress Server in SAP POS does not require authentication for file read and erase operations, daemon shutdown, terminal read operations, or certain attacks on credentials. This is SAP Security Note 25…
Cross site scripting (XSS) vulnerability in SAP Enterprise Portal 7.50 allows remote attackers to inject arbitrary web script or HTML, aka SAP Security Notes 2469860, 2471209, and 2488516.
Cross-site scripting (XSS) vulnerability in the DataArchivingService servlet in SAP NetWeaver Portal 7.4 allows remote attackers to inject arbitrary web script or HTML via the responsecode parameter …
SAP TREX 7.10 allows remote attackers to (1) read arbitrary files via an fget command or (2) write to arbitrary files and consequently execute arbitrary code via an fdir command, aka SAP Security Not…
Cross-site scripting (XSS) vulnerability in the ctcprotocol/Protocol servlet in SAP NetWeaver AS JAVA 7.3 allows remote attackers to inject arbitrary web script or HTML via the sessionID parameter, a…
XML external entity (XXE) vulnerability in com.sap.km.cm.ice in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attac…
Stored Cross-site scripting (XSS) vulnerability in SAP SuccessFactors before b1705.1234962 allows remote authenticated users to inject arbitrary web script or HTML via the file upload functionality.
SAP Business One for Android 1.2.3 allows remote attackers to conduct XML External Entity (XXE) attacks via crafted XML data in a request to B1iXcellerator/exec/soap/vP.001sap0003.in_WCSX/com.sap.b1i…
SQL injection vulnerability in SAP Business Intelligence platform before January 2017 allows remote attackers to obtain sensitive information, modify data, cause a denial of service (data deletion), …
Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238.
Buffer overflow in the MobiLink Synchronization Server component in SAP SQL Anywhere 17 and possibly earlier allows remote authenticated users to cause a denial of service (resource consumption and p…
The SAP EP-RUNTIME component in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to cause a denial of service (out-of-memory error and service instability) via a crafted serialized Java ob…
SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions and execute arbitrary code via a crafted ABAP code, aka SAP Security Note 2407616.
Cross-site scripting (XSS) vulnerability in the help component of SAP BusinessObjects Financial Consolidation 10.0.0.1933 allows remote attackers to inject arbitrary web script or HTML via a GET requ…
Hybris Management Console (HMC) in SAP Hybris before 6.0 allows remote attackers to obtain sensitive information by triggering an error and then reading a Java stack trace.
Cross-site scripting (XSS) vulnerability in the Create Employee feature in Hybris Management Console (HMC) in SAP Hybris before 5.0.4.11, 5.1.0.x before 5.1.0.11, 5.1.1.x before 5.1.1.12, 5.2.0.x and…
Cross-site scripting (XSS) vulnerability in the Create Catalogue feature in Hybris Management Console (HMC) in SAP Hybris before 5.2.0.13, 5.3.x before 5.3.0.11, 5.4.x before 5.4.0.11, 5.5.0.x before…
Cross-site scripting (XSS) vulnerability in the Inbox Search feature in Hybris Management Console (HMC) in SAP Hybris before 6.0 allows remote attackers to inject arbitrary web script or HTML via the…
SAP Download Manager 2.1.142 and earlier generates an encryption key from a small key space on Windows and Mac systems, which allows context-dependent attackers to obtain sensitive configuration info…
SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging k…
The DSA algorithm implementation in SAP SAPCRYPTOLIB 5.555.38 does not properly check signatures, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors, aka S…
SAP SLD Registration Program (aka SLDREG) allows local users to cause a denial of service (memory corruption and process termination) via a crafted HOST parameter, aka SAP Security Note 2125623.
The (1) SCTC_REFRESH_EXPORT_TAB_COMP, (2) SCTC_REFRESH_CHECK_ENV, and (3) SCTC_TMS_MAINTAIN_ALOG functions in the SCTC subpackage in SAP Netweaver 7.40 SP 12 allow remote authenticated users with cer…
The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to obtain sensitive TNS information via an unspecified query, aka SAP Security Note 2234226.
An unspecified function in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands via unknown vectors, aka SAP Security Note 2203591.
SAP HANA DB 1.00.091.00.1418659308 allows remote attackers to obtain sensitive topology information via an unspecified HTTP request, aka SAP Security Note 2176128.
SAP SAPCAR allows local users to change the permissions of arbitrary files and consequently gain privileges via a hard link attack on files extracted from an archive, possibly related to SAP Security…
SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive …
The multi-tenant database container feature in SAP HANA does not properly encrypt communications, which allows remote attackers to bypass intended access restrictions and possibly have unspecified ot…
SAP HANA SPS09 1.00.091.00.14186593 allows local users to obtain sensitive information by leveraging the EXPORT statement to export files, aka SAP Security Note 2252941.
An unspecified interface in SAP TREX 7.10 Revision 63 allows remote attackers to execute arbitrary OS commands with SIDadm privileges via unspecified vectors, aka SAP Security Note 2234226.
The SQL interface in SAP HANA DB 1.00.091.00.1418659308 provides different error messages for failed login attempts depending on whether the username exists and is locked when the detailed_error_on_c…
Directory traversal vulnerability in SAP TREX 7.10 Revision 63 allows remote attackers to read arbitrary files via unspecified vectors, aka SAP Security Note 2203591.
The Extended Application Services (aka XS or XS Engine) in SAP HANA DB 1.00.091.00.1418659308 allows local users to obtain sensitive password information via vectors related to passwords in Web Dispa…
Cross-site scripting (XSS) vulnerability in SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) 15 allows remote attackers to inject arbitrary web script or HTML via the title par…
Cross-site scripting (XSS) vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to inject arbitrary web script or HTML via the navigationTarget parameter to irj/servlet/prt/…
XML external entity (XXE) vulnerability in the Configuration Wizard in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to cause a denial of service, conduct SMB Relay attacks, or access…
The chat feature in the Real-Time Collaboration (RTC) services 7.3 and 7.4 in SAP NetWeaver Java AS 7.1 through 7.5 allows remote attackers to obtain sensitive user information by visiting webdynpro/…
Multiple cross-site scripting (XSS) vulnerabilities in the Java Proxy Runtime ProxyServer servlet in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) ns or …
The XS engine in SAP HANA allows remote attackers to spoof log entries in trace files and consequently cause a denial of service (disk consumption and process crash) via a crafted HTTP request, relat…
Buffer overflow in the XS engine (hdbxsengine) in SAP HANA allows remote attackers to cause a denial of service or execute arbitrary code via a crafted HTTP request, related to JSON, aka SAP Security…
Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) Runtime Workbench (RWB) or (2) Pm…
SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to "Insecure signature," aka SAP Security Note 2134905.
SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) uses weak encryption (Base64 and DES), which allows attackers to conduct downgrade attacks and decrypt passwords via unspecifie…
SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to cause a denial of service (memory corruption and indexserver crash) via unspecified vectors to the EXECUTE_SEARCH_RUL…
The Web Dispatcher service in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote attackers to read web dispatcher and security trace files and possibly obtain passwords via unspecified vector…
SAP HANA Database 1.00 SPS10 and earlier do not require authentication, which allows remote attackers to execute arbitrary code or have unspecified other impact via a TrexNet packet to the (1) fcopyd…
SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers to execute arbitrary code via a crafted (1) U3D, (2) LWO, (3) JPEG2000, or (4) FBX file, aka "Out-Of-Bounds Indexing" vulnerabilities.
SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers to execute arbitrary code via a crafted Filmbox document, which triggers memory corruption.
Multiple buffer overflows in SAP 3D Visual Enterprise Viewer (VEV) allow remote attackers to execute arbitrary code via a crafted (1) 3DM or (2) Flic Animation file.
SAP BusinessObjects BI Platform 4.1, BusinessObjects Edge 4.0, and BusinessObjects XI (BOXI) 3.1 R3 allow remote attackers to cause a denial of service (out-of-bounds read and listener crash) via a c…
Eval injection in test-net.xsjs in the Web-based Development Workbench in SAP HANA Developer Edition DB 1.00.091.00.1418659308 allows remote authenticated users to execute arbitrary XSJS code via uns…
Multiple SQL injection vulnerabilities in the Web-based Development Workbench in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allow remote authenticated users to execute arbitrary SQL commands via un…
Multiple SQL injection vulnerabilities in the Web-based Development Workbench in SAP HANA DB 1.00.091.00.1418659308 allow remote authenticated users to execute arbitrary SQL commands via the (1) remo…
XML external entity (XXE) vulnerability in the application import functionality in SAP Mobile Platform 2.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact v…
Cross-site scripting (XSS) vulnerability in the Client form in the Device Inspector page in SAP Afaria 7 allows remote attackers to inject arbitrary web script or HTML via crafted client name data, a…
XML external entity (XXE) vulnerability in SAP NetWeaver Portal 7.4 allows remote attackers to read arbitrary files and possibly have other unspecified impact via crafted XML data, aka SAP Security N…
SAP ABAP & Java Server allows remote attackers to cause a denial of service (service termination) via unspecified vectors, aka SAP Security Note 2121661.
The LZH decompression implementation (CsObjectInt::BuildHufTree function in vpa108csulzh.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver Application Server ABAP, Netweaver Application Server Java, Netweaver…
SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to read arbitrary files via an IMPORT FROM SQL statement, aka SAP Security Note 2109565.
The grant.xsfunc application in testApps/grantAccess/ in the XS Engine in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to spoof log entries via a crafted request, ak…
Buffer overflow in XcListener in SAP Afaria 7.0.6001.5 allows remote attackers to cause a denial of service (process termination) via a crafted request, aka SAP Security Note 2132584.
XML external entity (XXE) vulnerability in SAP Mobile Platform 3 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2125513.
The SAP Management Console in SAP NetWeaver 7.40 allows remote attackers to obtain sensitive information via the ReadProfile parameters, aka SAP Security Note 2091768.
Buffer overflow in the C_SAPGPARAM function in the NetWeaver Dispatcher in SAP KERNEL 7.00 (7000.52.12.34966) and 7.40 (7400.12.21.30308) allows remote authenticated users to cause a denial of servic…
SAP EMR Unwired (com.sap.mobile.healthcare.emr.v2) and Clinical Task Tracker (com.sap.mobile.healthcare.ctt) does not properly restrict access, which allows remote attackers to change the backendurl,…
XML external entity (XXE) vulnerability in SAP Mobile Platform allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Security Note 2125358.
XML external entity (XXE) vulnerability in XMLValidationComponent in SAP NetWeaver Portal 7.31.201109172004 allows remote attackers to send requests to intranet servers via crafted XML, aka SAP Secur…
