Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Netweaver
(Sap)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 100 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2014-11-04 | CVE-2014-8592 | Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via a crafted request. | Netweaver | N/A | ||
| 2014-11-04 | CVE-2014-8591 | Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via unknown vectors. | Netweaver | N/A | ||
| 2014-09-05 | CVE-2014-6252 | Buffer overflow in disp+work.exe 7000.52.12.34966 and 7200.117.19.50294 in the Dispatcher in SAP NetWeaver 7.00 and 7.20 allows remote authenticated users to cause a denial of service or execute arbitrary code via unspecified vectors. | Netweaver | N/A | ||
| 2014-06-09 | CVE-2014-4003 | The System Landscape Directory (SLD) in SAP NetWeaver allows remote attackers to modify information via vectors related to adding a system. | Netweaver | N/A | ||
| 2014-05-19 | CVE-2014-3787 | SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors. | Netweaver | N/A | ||
| 2014-02-14 | CVE-2014-1965 | Cross-site scripting (XSS) vulnerability in ISpeakAdapter in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component 3.0, 7.00 through 7.02, and 7.10 through 7.11 for SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to PIP. | Netweaver | N/A | ||
| 2014-02-14 | CVE-2014-1964 | Cross-site scripting (XSS) vulnerability in the Integration Repository in the SAP Exchange Infrastructure (BC-XI) component in SAP NetWeaver allows remote attackers to inject arbitrary web script or HTML via vectors related to the ESR application and a DIR error. | Netweaver, Netweaver_exchange_infrastructure_\(Bc\-Xi\) | N/A | ||
| 2014-02-14 | CVE-2014-1963 | Unspecified vulnerability in Message Server in SAP NetWeaver 7.20 allows remote attackers to cause a denial of service via unknown attack vectors. | Netweaver | N/A | ||
| 2014-02-14 | CVE-2014-1961 | Unspecified vulnerability in the Portal WebDynPro in SAP NetWeaver allows remote attackers to obtain sensitive path information via unknown attack vectors. | Netweaver | N/A | ||
| 2014-02-14 | CVE-2014-1960 | The Solution Manager in SAP NetWeaver does not properly restrict access, which allows remote attackers to obtain sensitive information via unspecified vectors. | Netweaver, Netweaver_solution_manager | N/A |