sap

1,577 tracked vulnerabilities.

CVE-2007-3615
SAP Internet Communication Manager - Denial of Service via sap-isc-key Parameter
Jul 06, 2007
EPSS 0.02
CVE-2007-3495
SAP Basis Component 640 < SP19 and 700 < SP11 - Cross-Site Scripting via Login Error Page Parameters
Jun 29, 2007
EPSS 0.01
CVE-2007-3496
SAP NetWeaver Nw04 SP15-SP19 and Nw04s SP7-SP11 - Cross-Site Scripting via User-Agent HTTP Header
Jun 29, 2007
EPSS 0.02
CVE-2007-1913
SAP RFC Library <7.00 - Info Disclosure
Apr 10, 2007
EPSS 0.02
CVE-2007-1914
SAP RFC Library <7.00 - Info Disclosure
Apr 10, 2007
EPSS 0.02
CVE-2007-1915
SAP RFC Library 6.40 and 7.00 - Buffer Overflow in RFC_START_PROGRAM Function
Apr 10, 2007
EPSS 0.04
CVE-2007-1916
SAP RFC Library 6.40 and 7.00 - Buffer Overflow in RFC_START_GUI Function
Apr 10, 2007
EPSS 0.07
CVE-2007-1917
SAP RFC Library 6.40 and 7.00 - Buffer Overflow in SYSTEM_CREATE_INSTANCE Function
Apr 10, 2007
EPSS 0.07
CVE-2007-1918
SAP RFC Library 6.40 and 7.00 - Denial of Service via RFC_SET_REG_SERVER_PROPERTY Function
Apr 10, 2007
EPSS 0.03
CVE-2006-7220
SAP SAPLPD and SAPSPRINT - Denial of Service via Print Job Request
Jul 10, 2007
EPSS 0.01
CVE-2006-6345
SAP Internet Graphics Server < 6.40 Patch 16 - Directory Traversal & File Deletion
Dec 07, 2006
EPSS 0.02
CVE-2006-6346
SAP IGS <7.00.3 - DoS/Info Disclosure
Dec 07, 2006
EPSS 0.03
CVE-2006-6010
SAP Web Application Server - Information Disclosure via RFC_SYSTEM_INFO RfcCallReceive Request
Nov 21, 2006
EPSS 0.14
CVE-2006-6011
SAP Web Application Server - Denial of Service via UDP Packet to Port 64999
Nov 21, 2006
EPSS 0.01
CVE-2006-5784
SAP Web Application Server <7.00 - Info Disclosure
Nov 07, 2006
EPSS 0.03
CVE-2006-5785
SAP Web Application Server 6.40-7.00 - Denial of Service via UDP Port 64999
Nov 07, 2006
EPSS 0.02
CVE-2006-5114
SAP Internet Transaction Server 6.1-6.2 - Cross-Site Scripting via ~urlmime or ~command Parameter
Oct 03, 2006
EPSS 0.02
CVE-2006-4133
SAP Internet Graphics Service 6.40 and 7.00 - Remote Code Execution via ADM:GETLOGFILE Command
Aug 14, 2006
EPSS 0.06
CVE-2006-4134
SAP Internet Graphics Service 6.40 and earlier, 7.00 and earlier - Remote Denial of Service via HTTP Requests
Aug 14, 2006
EPSS 0.05
CVE-2006-2547
SAP sapdba - OS Command Injection via Environment Variable
May 23, 2006
EPSS 0.03
CVE-2006-1039
SAP Web Application Server - HTTP Response Injection via Encoded Headers
Mar 07, 2006
EPSS 0.03
CVE-2006-0731
SAP Business Connector Core Fix <7 - CSRF
Feb 16, 2006
EPSS 0.03
CVE-2006-0732
SAP Business Connector 4.6-4.7 - Directory Traversal via fullName Parameter
Feb 16, 2006
EPSS 0.03
CVE-2005-4815
SAP R/3 - Remote Code Execution via UDP Packet
Dec 31, 2005
EPSS 0.03
CVE-2005-3633
SAP Web Application Server 6.10-7.00 - HTTP Response Splitting via sap-exiturl Parameter
Nov 16, 2005
EPSS 0.02