Page 12 of 68 results (0.005 seconds)

CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 1

Unspecified vulnerability in SAP Internet Communication Manager (ICM), as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via unknown vectors. Vulnerabilidad no especificada en SAP Internet Communication Manager (ICM), utilizado en SAP NetWeaver 7.02 y 7.3, permite a atacantes remotos causar una denegación de servicio (terminación de proceso) a través de vectores desconocidos. • http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition http://www.securityfocus.com/bid/71030 https://erpscan.io/advisories/erpscan-14-016-sap-netweaver-httpd-partial-http-post-requests-dos https://erpscan.io/press-center/blog/sap-critical-patch-update-october-2014 https://exchange.xforce.ibmcloud.com/vulnerabilities/98582 https://service.sap.com/sap/support/notes/1966655 https://twitter.com/SAP_Gsupport/status/524138333065449472 •

CVSS: 5.0EPSS: 9%CPEs: 2EXPL: 0

Unspecified vulnerability in SAP Host Agent, as used in SAP NetWeaver 7.02 and 7.3, allows remote attackers to cause a denial of service (process termination) via a crafted request. Vulnerabilidad no especificada en SAP Host Agent, utilizado en SAP NetWeaver 7.02 y 7.3, permite a atacantes remotos causar una denegación de servicio (terminación de proceso) a través de una solicitud manipulada. • http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition https://erpscan.io/advisories/erpscan-14-017-sap-netweaver-http-partial-http-post-requests-dos https://erpscan.io/advisories/erpscan-14-018-sap-netweaver-j2ee-engine-partial-http-post-requests-dos https://erpscan.io/advisories/erpscan-14-019-sap-netweaver-j2ee-engine-partial-http-post-requests-dos https://erpscan.io/advisories/erpscan-14-020-sap-netweaver-management-console-gsaop-partial-http-requests-dos https://erpscan.io/advisories/erps •

CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 4

The Standalone Enqueue Server in SAP Netweaver 7.20, 7.01, and earlier allows remote attackers to cause a denial of service (uncontrolled recursion and crash) via a trace level with a wildcard in the Trace Pattern. El servidor Standalone Enqueue en SAP Netweaver 7.20, 7.01, y anteriores permite a atacantes remotos causar una denegación de servicio (recursión sin control y caída) a través de un nivel de traza con un comodín en la pauta de traza (Trace Pattern). • https://www.exploit-db.com/exploits/35000 http://blog.onapsis.com/analyzing-sap-security-notes-october-2014-edition http://packetstormsecurity.com/files/128726/SAP-Netweaver-Enqueue-Server-Trace-Pattern-Denial-Of-Service.html http://seclists.org/fulldisclosure/2014/Oct/76 http://secunia.com/advisories/60950 http://www.coresecurity.com/advisories/sap-netweaver-enqueue-server-trace-pattern-denial-service-vulnerability http://www.securityfocus.com/archive/1/533719/100/0/threaded https://exchange.xforce.ibmclou • CWE-20: Improper Input Validation •

CVSS: 6.5EPSS: 1%CPEs: 2EXPL: 0

Buffer overflow in disp+work.exe 7000.52.12.34966 and 7200.117.19.50294 in the Dispatcher in SAP NetWeaver 7.00 and 7.20 allows remote authenticated users to cause a denial of service or execute arbitrary code via unspecified vectors. Desbordamiento de buffer en disp+work.exe 7000.52.12.34966 y 7200.117.19.50294 en el distribuidor de la plataforma SAP NetWeaver 7.00 y 7.20 permite a usuarios remotos autenticados causar una denegación de servicio o ejecutar código arbitrario a través de vectores no especificados. • http://scn.sap.com/docs/DOC-8218 http://secunia.com/advisories/60496 https://erpscan.io/advisories/erpscan-14-011-sap-netweaver-dispatcher-buffer-overflow-rce-dos https://exchange.xforce.ibmcloud.com/vulnerabilities/96196 https://service.sap.com/sap/support/notes/2018221 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0

SAP NetWeaver 7.20 and earlier allows remote attackers to read arbitrary SAP Central User Administration (SAP CUA) tables via unspecified vectors. SAP NetWeaver 7.20 y anteriores permite a atacantes remotos leer tablas de SAP Central User Administration (SAP CUA) arbitrarias a través de vectores no especificados. • http://en.securitylab.ru/lab/PT-2014-09 http://scn.sap.com/docs/DOC-8218 http://secunia.com/advisories/58671 https://service.sap.com/sap/support/notes/1997455 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •