Show filters
70 Total Results
Displaying 61-70 of 70
Sort by:
Attacker Value
Unknown

CVE-2018-2368

Disclosure Date: March 01, 2018 (last updated November 26, 2024)
SAP NetWeaver System Landscape Directory, LM-CORE 7.10, 7.20, 7.30, 7.31, 7.40, does not perform any authentication checks for functionalities that require user identity.
0
0
Attacker Value
Unknown

CVE-2016-4015

Disclosure Date: April 14, 2016 (last updated November 25, 2024)
The Enqueue Server in SAP NetWeaver JAVA AS 7.1 through 7.4 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka SAP Security Note 2258784.
0
0
Attacker Value
Unknown

CVE-2014-3787

Disclosure Date: May 19, 2014 (last updated October 05, 2023)
SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2014-3129

Disclosure Date: April 30, 2014 (last updated October 05, 2023)
The Java Server Pages in the Software Lifecycle Manager (SLM) in SAP NetWeaver allows remote attackers to obtain sensitive information via a crafted request, related to SAP Solution Manager 7.1.
0
0
Attacker Value
Unknown

CVE-2014-1960

Disclosure Date: February 14, 2014 (last updated October 05, 2023)
The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2014-1965

Disclosure Date: February 14, 2014 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP.
0
0
Attacker Value
Unknown

CVE-2013-6815

Disclosure Date: November 20, 2013 (last updated October 05, 2023)
The SHSTI_UPLOAD_XML function in the Application Server for ABAP (AS ABAP) in SAP NetWeaver 7.31 and earlier allows remote attackers to cause a denial of service via unspecified vectors, related to an XML External Entity (XXE) issue.
0
0
Attacker Value
Unknown

CVE-2013-6244

Disclosure Date: October 24, 2013 (last updated October 05, 2023)
The Live Update webdynpro application (webdynpro/dispatcher/sap.com/tc~slm~ui_lup/LUP) in SAP NetWeaver 7.31 and earlier allows remote attackers to read arbitrary files and directories via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
0
0
Attacker Value
Unknown

CVE-2013-5751

Disclosure Date: September 16, 2013 (last updated October 05, 2023)
Directory traversal vulnerability in SAP NetWeaver 7.x allows remote attackers to read arbitrary files via unspecified vectors.
0
0
Attacker Value
Unknown

CVE-2011-5263

Disclosure Date: February 12, 2013 (last updated October 05, 2023)
Cross-site scripting (XSS) vulnerability in RetrieveMailExamples in SAP NetWeaver 7.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the server parameter.
0
0
View More Topics  < Previous