Filtered by vendor Sap
Subscriptions
Total
1535 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-2394 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | N/A |
| Under certain conditions an unauthenticated malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, services and/or system files. | ||||
| CVE-2018-2393 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | N/A |
| Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable. | ||||
| CVE-2018-2392 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | N/A |
| Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SAP Internet Graphics Server (IGS) to become unavailable. | ||||
| CVE-2018-2391 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | N/A |
| Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS portwatcher service. | ||||
| CVE-2018-2390 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | N/A |
| Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS Chart service. | ||||
| CVE-2018-2389 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | N/A |
| Under certain conditions a malicious user can inject log files of SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, hiding important information in the log file. | ||||
| CVE-2018-2388 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | N/A |
| Stored cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53. | ||||
| CVE-2018-2387 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | N/A |
| A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to obtain information on ports, which is not available to the user otherwise. | ||||
| CVE-2018-2386 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | N/A |
| Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53. | ||||
| CVE-2018-2385 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | N/A |
| Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services. | ||||
| CVE-2018-2384 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | N/A |
| Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services. | ||||
| CVE-2018-2383 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | N/A |
| Reflected cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53. | ||||
| CVE-2018-2382 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | N/A |
| A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to store graphics in a controlled area and as such gain information from system area, which is not available to the user otherwise. | ||||
| CVE-2018-2381 | 1 Sap | 1 Erp Financials Information System | 2024-11-21 | N/A |
| SAP ERP Financials Information System (SAP_APPL 6.00, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16; SAP_FIN 6.17, 6.18, 7.00, 7.20, 7.30 S4CORE 1.00, 1.01, 1.02) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | ||||
| CVE-2018-2379 | 1 Sap | 1 Hana Extended Application Services | 2024-11-21 | N/A |
| In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given username is valid by evaluating error messages of a specific endpoint. | ||||
| CVE-2018-2378 | 1 Sap | 1 Hana Extended Application Services | 2024-11-21 | N/A |
| In SAP HANA Extended Application Services, 1.0, unauthorized users can read statistical data about deployed applications including resource consumption. | ||||
| CVE-2018-2377 | 1 Sap | 1 Hana Extended Application Services | 2024-11-21 | N/A |
| In SAP HANA Extended Application Services, 1.0, some general server statistics and status information could be retrieved by unauthorized users. | ||||
| CVE-2018-2376 | 1 Sap | 1 Hana Extended Application Services | 2024-11-21 | N/A |
| In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within that space. | ||||
| CVE-2018-2375 | 1 Sap | 1 Hana Extended Application Services | 2024-11-21 | N/A |
| In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve application environments within that space. | ||||
| CVE-2018-2374 | 1 Sap | 1 Hana Extended Application Services | 2024-11-21 | N/A |
| In SAP HANA Extended Application Services, 1.0, a controller user who has SpaceAuditor authorization in a specific space could retrieve sensitive application data like service bindings within that space. | ||||