sap

1,577 tracked vulnerabilities.

CVE-2009-3345
SAP Crystal Reports Server 2008 - Heap-Based Buffer Overflow
Sep 24, 2009
EPSS 0.02
CVE-2009-3344
SAP Crystal Reports Server 2008 - Denial of Service via Infinite Loop
Sep 24, 2009
EPSS 0.02
CVE-2009-2932
SAP NetWeaver Application Server (Java) 7.0 - Cross-Site Scripting via UDDI Client TModel Key Field
Aug 21, 2009
EPSS 0.02
CVE-2008-4830
SAP GUI 6.40 Patch 29 and 7.10 Patch 5 - Arbitrary File Write and Read via KWEdit ActiveX Control
Apr 16, 2009
EPSS 0.28
CVE-2008-3358
SAP NetWeaver - Web Dynpro WD - XSS
Jan 28, 2009
EPSS 0.02
CVE-2008-4827
ComponentOne SizerOne 8.0.20081.140 - Remote Code Execution via Tab Caption Overflow
Jan 08, 2009
EPSS 0.07
CVE-2008-4387
SAP SAPgui - Remote Code Execution via Simba MDrmSap ActiveX Control
Nov 10, 2008
EPSS 0.15
CVE-2008-1810
SAP MaxDB <7.6.03.15 - Privilege Escalation
Aug 01, 2008
EPSS 0.00
CVE-2008-2421
SAP Web Application Server 7.0 - Cross-Site Scripting via PATH_INFO to Web GUI
May 23, 2008
EPSS 0.02
CVE-2008-2123
SAP Internet Transaction Server 6.20 - Cross-Site Scripting via WGate ~service Parameter
May 09, 2008
EPSS 0.02
CVE-2008-1846
SAP NetWeaver < 7.0 - Cross-Site Scripting via Feedback Input
Apr 16, 2008
EPSS 0.01
CVE-2008-0306
SAP MaxDB <7.6.0.37 - Command Injection
Mar 11, 2008
EPSS 0.00
CVE-2008-0307
SAP MaxDB 7.6.0.37 - Remote Code Execution via Integer Signedness Error
Mar 11, 2008
EPSS 0.04
CVE-2008-0620
SAPLPD <= 6.28 - Denial of Service via 0x53 LPD Command
Feb 06, 2008
EPSS 0.03
CVE-2008-0621
SAPLPD < 6.28 - Remote Code Execution via Long LPD Command Arguments
Feb 06, 2008
EPSS 0.73
CVE-2008-0244
SAP MaxDB < 7.6.3_build_007 - Remote Command Execution via Shell Metacharacters in exec_sdbinfo
Jan 12, 2008
EPSS 0.80
CVE-2007-4475
SAP AG SAPgui <7.10 PL9 - Buffer Overflow
Apr 01, 2009
EPSS 0.40
CVE-2007-6254
SAP Business Objects <6.5 - Buffer Overflow
Mar 20, 2008
EPSS 0.06
CVE-2007-3624
SAP Message Server - Remote Code Execution via Long Group Parameter
Jul 09, 2007
EPSS 0.37
CVE-2007-3605
EnjoySAP SAP GUI - Stack-Based Buffer Overflow via PrepareToPostHTML Function
Jul 06, 2007
EPSS 0.70
CVE-2007-3606
SAP EnjoySAP - Heap-Based Buffer Overflow via LaunchGui Function
Jul 06, 2007
EPSS 0.08
CVE-2007-3607
EnjoySAP - Denial of Service via ActiveX Control
Jul 06, 2007
EPSS 0.04
CVE-2007-3608
EnjoySAP SAP GUI - Unspecified Vuln
Jul 06, 2007
EPSS 0.03
CVE-2007-3613
SAP Internet Graphics Server - Cross-Site Scripting via ADM:GETLOGFILE PARAMS Parameter
Jul 06, 2007
EPSS 0.02
CVE-2007-3614
SAP DB - Remote Code Execution via Stack-Based Buffer Overflow in waHTTP.exe
Jul 06, 2007
EPSS 0.70