SAP

Netweaver Application Server Abap

81 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2024-24740

  • EPSS 0.19%
  • Published 13.02.2024 03:15:08
  • Last modified 21.11.2024 08:59:36

SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.93, KERNEL 7.94, KRNL64UC 7.53, under certain conditions, allows an attacker to access information which could otherwise be r...

5.4

CVE-2024-21738

  • EPSS 0.2%
  • Published 09.01.2024 02:15:46
  • Last modified 21.11.2024 08:54:54

SAP NetWeaver ABAP Application Server and ABAP Platform do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. An attacker with low privileges can cause limited impact to confidentiality of the appli...

9.4

CVE-2023-49581

  • EPSS 0.07%
  • Published 12.12.2023 02:15:07
  • Last modified 21.11.2024 08:33:35

SAP GUI for Windows and SAP GUI for Java allow an unauthenticated attacker to access information which would otherwise be restricted and confidential. In addition, this vulnerability allows the unauthenticated attacker to write data to a database tab...

5.3

CVE-2023-41366

  • EPSS 0.22%
  • Published 14.11.2023 01:15:07
  • Last modified 21.11.2024 08:21:10

Under certain condition SAP NetWeaver Application Server ABAP - versions KERNEL 722, KERNEL 7.53, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7.91, KERNEL 7.92, KERNEL 7.93, KERNEL 7.94, KERNEL64UC 7.22, KERNEL64UC 7.22EXT, KERNEL64UC ...

5.4

CVE-2023-40624

  • EPSS 0.11%
  • Published 12.09.2023 03:15:13
  • Last modified 21.11.2024 08:19:50

SAP NetWeaver AS ABAP (applications based on Unified Rendering) - versions SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, SAP_UI 758, SAP_BASIS 702, SAP_BASIS 731, allows an attacker to inject JavaScript code that can be executed in the web-applicat...

9.8

CVE-2023-40309

  • EPSS 0.16%
  • Published 12.09.2023 03:15:12
  • Last modified 21.11.2024 08:19:12

SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an authenticated user, resulting in escalation of privileges. Depending on the application and the level of privileges...

7.5

CVE-2023-40308

  • EPSS 0.13%
  • Published 12.09.2023 02:15:12
  • Last modified 21.11.2024 08:19:12

SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component to crash making it unavailable. There is no abilit...

6.5

CVE-2023-37492

  • EPSS 0.09%
  • Published 08.08.2023 01:15:18
  • Last modified 21.11.2024 08:11:49

SAP NetWeaver Application Server ABAP and ABAP Platform - versions SAP_BASIS 700, SAP_BASIS 701, SAP_BASIS 702, SAP_BASIS 731, SAP_BASIS 740, SAP_BASIS 750, SAP_BASIS 752, SAP_BASIS 753, SAP_BASIS 754, SAP_BASIS 755, SAP_BASIS 756, SAP_BASIS 757, SAP...

7.4

CVE-2023-35874

  • EPSS 0.1%
  • Published 11.07.2023 03:15:10
  • Last modified 21.11.2024 08:08:53

SAP NetWeaver Application Server ABAP and ABAP Platform - version KRNL64NUC, 7.22, KRNL64NUC 7.22EXT, KRNL64UC 7.22, KRNL64UC 7.22EXT, KRNL64UC 7.53, KERNEL 7.22, KERNEL, 7.53, KERNEL 7.77, KERNEL 7.81, KERNEL 7.85, KERNEL 7.89, KERNEL 7.54, KERNEL 7...

6.5

CVE-2023-28763

  • EPSS 0.23%
  • Published 11.04.2023 03:15:07
  • Last modified 21.11.2024 07:55:57

SAP NetWeaver AS for ABAP and ABAP Platform - versions 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, allows an attacker authenticated as a non-administrative user to craft a request with certain parameters which can consume the server's resources...