| CVE-2017-9843 |
low |
2.7 |
2.7 |
|
|
sap |
9y ago |
SAP NetWeaver AS ABAP 7.40 allows remote authenticated users with certain privileges to cause a denial of service (process crash) via vectors involving disp+work.exe, aka SAP Security Note 2406841. |
| CVE-2016-7437 |
low |
3.3 |
3.3 |
|
|
sap |
10y ago |
SAP Netweaver 7.40 improperly logs (1) DUI and (2) DUJ events in the SAP Security Audit Log as non-critical, which might allow local users to hide rejected attempts to execute RFC function callbacks … |
| CVE-2015-7728 |
low |
— |
3.5 |
|
|
sap |
11y ago |
Cross-site scripting (XSS) vulnerability in user creation in the Web-based Development Workbench in SAP HANA DB 1.00.73.00.389160 (NewDB100_REL) allows remote authenticated users to inject arbitrary … |
| CVE-2015-7726 |
low |
— |
3.5 |
|
|
sap |
11y ago |
Cross-site scripting (XSS) vulnerability in role deletion in the Web-based Development Workbench in SAP HANA DB 1.00.091.00.1418659308 allows remote authenticated users to inject arbitrary web script… |
| CVE-2015-3978 |
low |
— |
2.1 |
|
|
sap |
11y ago |
SAP Sybase Unwired Platform Online Data Proxy allows local users to obtain usernames and passwords via the DataVault, aka SAP Security Note 2094830. |
| CVE-2014-8312 |
low |
— |
3.5 |
|
|
sap |
12y ago |
Business Warehouse (BW) in SAP Netweaver AS ABAP 7.31 allows remote authenticated users to obtain sensitive information via a request to the RSDU_CCMS_GET_PROFILE_PARAM RFC function. |
| CVE-2014-8311 |
low |
— |
3.5 |
|
|
sap |
12y ago |
SAP BusinessObjects Edge 4.0 allows remote attackers to obtain sensitive information via an InfoStore query to a CORBA listener. |
| CVE-2014-5174 |
low |
— |
3.5 |
|
|
sap |
12y ago |
The SAP Netweaver Business Warehouse component does not properly restrict access to the functions in the BW-SYS-DB-DB4 function group, which allows remote authenticated users to obtain sensitive info… |
| CVE-2014-5171 |
low |
— |
2.9 |
|
|
sap |
12y ago |
SAP HANA Extend Application Services (XS) does not encrypt transmissions for applications that enable form based authentication using SSL, which allows remote attackers to obtain credentials and othe… |
