Export limit exceeded: 363098 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (1699 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2013-7364 1 Sap 1 Netweaver 2025-04-12 N/A
An unspecified J2EE core service in the J2EE Engine in SAP NetWeaver does not properly restrict access, which allows remote attackers to read and write to arbitrary files via unknown vectors.
CVE-2016-1928 1 Sap 1 Hana 2025-04-12 N/A
Buffer overflow in the XS engine (hdbxsengine) in SAP HANA allows remote attackers to cause a denial of service or execute arbitrary code via a crafted HTTP request, related to JSON, aka SAP Security Note 2241978.
CVE-2016-1911 1 Sap 1 Netweaver 2025-04-12 N/A
Multiple cross-site scripting (XSS) vulnerabilities in SAP NetWeaver 7.4 allow remote attackers to inject arbitrary web script or HTML via vectors related to the (1) Runtime Workbench (RWB) or (2) Pmitest servlet in the Process Monitoring Infrastructure (PMI), aka SAP Security Notes 2206793 and 2234918.
CVE-2013-7363 1 Sap 1 Solution Manager 2025-04-12 N/A
Unspecified vulnerability in the Diagnostics (SMD) agent in SAP Solution Manager allows remote attackers to obtain sensitive information, modify the configuration of applications, and install or remove applications via vectors involving the P4 protocol.
CVE-2016-1910 1 Sap 1 Netweaver 2025-04-12 N/A
The User Management Engine (UME) in SAP NetWeaver 7.4 allows attackers to decrypt unspecified data via unknown vectors, aka SAP Security Note 2191290.
CVE-2013-7361 1 Sap 2 Cm Services, Cms Services 2025-04-12 N/A
Directory traversal vulnerability in SAP CMS and CM Services allows attackers to upload arbitrary files via unspecified vectors.
CVE-2013-7362 1 Sap 1 Ccms Agent 2025-04-12 N/A
An unspecified RFC function in SAP CCMS Agent allows remote attackers to execute arbitrary commands via unknown vectors.
CVE-2016-10005 1 Sap 1 Solution Manager 2025-04-12 N/A
Webdynpro in SAP Solman 7.1 through 7.31 allows remote attackers to obtain sensitive information via webdynpro/dispatcher/sap.com/caf~eu~gp~example~timeoff~wd requests, aka SAP Security Note 2344524.
CVE-2015-8840 1 Sap 1 Netweaver Application Server Java 2025-04-12 8.8 High
The XML Data Archiving Service (XML DAS) in SAP NetWeaver AS Java does not check authorization, which allows remote authenticated users to obtain sensitive information, gain privileges, or possibly have unspecified other impact via requests to (1) webcontent/cas/cas_enter.jsp, (2) webcontent/cas/cas_validate.jsp, or (3) webcontent/aas/aas_store.jsp, aka SAP Security Note 1945215.
CVE-2015-8753 1 Sap 1 Afaria 2025-04-12 N/A
SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related to "Insecure signature," aka SAP Security Note 2134905.
CVE-2013-7358 1 Sap 1 Guided Procedures Archive Monitor 2025-04-12 N/A
Unspecified vulnerability in SAP Guided Procedures Archive Monitor allows remote attackers to obtain usernames, roles, profiles, and possibly other identity information via unknown vectors.
CVE-2015-8600 1 Sap 1 Mobile Platform 2025-04-12 N/A
The SysAdminWebTool servlets in SAP Mobile Platform allow remote attackers to bypass authentication and obtain sensitive information, gain privileges, or have unspecified other impact via unknown vectors, aka SAP Security Note 2227855.
CVE-2015-8330 1 Sap 1 Plant Connectivity 2025-04-12 N/A
The PCo agent in SAP Plant Connectivity (PCo) allows remote attackers to cause a denial of service (memory corruption and agent crash) via crafted xMII requests, aka SAP Security Note 2238619.
CVE-2013-7357 1 Sap 1 J2ee Engine 2025-04-12 N/A
Unspecified vulnerability in the configuration service in SAP J2EE Engine allows remote attackers to obtain credential information via unknown vectors.
CVE-2013-7356 1 Sap 1 Ccms \/ Database Monitor 2025-04-12 N/A
Unspecified vulnerability in the SAP CCMS / Database Monitors for Oracle allows attackers to obtain the database password via unknown vectors.
CVE-2015-8329 1 Sap 1 Manufacturing Integration And Intelligence 2025-04-12 N/A
SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) uses weak encryption (Base64 and DES), which allows attackers to conduct downgrade attacks and decrypt passwords via unspecified vectors, aka SAP Security Note 2240274.
CVE-2015-8030 1 Sap 1 3d Visual Enterprise Viewer 2025-04-12 N/A
SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers to execute arbitrary code via a crafted (1) U3D, (2) LWO, (3) JPEG2000, or (4) FBX file, aka "Out-Of-Bounds Indexing" vulnerabilities.
CVE-2015-8029 1 Sap 1 3d Visual Enterprise Viewer 2025-04-12 N/A
SAP 3D Visual Enterprise Viewer (VEV) allows remote attackers to execute arbitrary code via a crafted Filmbox document, which triggers memory corruption.
CVE-2013-7359 1 Sap 1 Mobile Infrastructure 2025-04-12 N/A
Unspecified vulnerability in SAP Mobile Infrastructure allows remote attackers to obtain sensitive port information via unknown vectors, related to an "internal port scanning" issue.
CVE-2015-8028 1 Sap 1 3d Visual Enterprise Viewer 2025-04-12 N/A
Multiple buffer overflows in SAP 3D Visual Enterprise Viewer (VEV) allow remote attackers to execute arbitrary code via a crafted (1) 3DM or (2) Flic Animation file.