Filtered by vendor Sap
Subscriptions
Total
1586 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-27599 | 1 Sap | 1 Netweaver Process Integration | 2024-11-21 | 6.5 Medium |
| SAP NetWeaver ABAP Server and ABAP Platform (Process Integration - Integration Builder Framework), versions - 7.10, 7.30, 7.31, 7.40, 7.50, allows an attacker to access information under certain conditions, which would otherwise be restricted. | ||||
| CVE-2021-27598 | 1 Sap | 1 Netweaver Application Server Java | 2024-11-21 | 5.3 Medium |
| SAP NetWeaver AS JAVA (Customer Usage Provisioning Servlet), versions - 7.31, 7.40, 7.50, allows an attacker to read some statistical data like product version, traffic, timestamp etc. because of missing authorization check in the servlet. | ||||
| CVE-2021-27597 | 1 Sap | 1 Netweaver Abap | 2024-11-21 | 7.5 High |
| SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83, allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network which will trigger an internal error in the system due to improper input validation in method memmove() causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified. | ||||
| CVE-2021-27596 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 3.3 Low |
| When a user opens manipulated Autodesk 3D Studio for MS-DOS (.3DS) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27595 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 3.3 Low |
| When a user opens manipulated Portable Document Format (.PDF) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27594 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 3.3 Low |
| When a user opens manipulated Windows Bitmap (.BMP) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27593 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 3.3 Low |
| When a user opens manipulated Graphics Interchange Format (.GIF) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27592 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 7.8 High |
| When a user opens manipulated Universal 3D (.U3D) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27591 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 7.8 High |
| When a user opens manipulated Portable Document Format (.PDF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27590 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 7.8 High |
| When a user opens manipulated Tag Image File Format (.TIFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27589 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 7.8 High |
| When a user opens manipulated Scalable Vector Graphics (.SVG) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27588 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 7.8 High |
| When a user opens manipulated HPGL format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27587 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 7.8 High |
| When a user opens manipulated Jupiter Tessellation (.JT) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27586 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 7.8 High |
| When a user opens manipulated Interchange File Format (.IFF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27585 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 7.8 High |
| When a user opens manipulated Computer Graphics Metafile (.CGM) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-27584 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 3.3 Low |
| When a user opens manipulated PhotoShop Document (.PSD) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-21493 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 3.3 Low |
| When a user opens manipulated Graphics Interchange Format (.GIF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2021-21492 | 1 Sap | 1 Netweaver Application Server Java | 2024-11-21 | 4.3 Medium |
| SAP NetWeaver Application Server Java(HTTP Service), versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate logon group in URLs, resulting in a content spoofing vulnerability when directory listing is enabled. | ||||
| CVE-2021-21491 | 1 Sap | 1 Netweaver Application Server Java | 2024-11-21 | 6.1 Medium |
| SAP Netweaver Application Server Java (Applications based on WebDynpro Java) versions 7.00, 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allow an attacker to redirect users to a malicious site due to Reverse Tabnabbing vulnerabilities. | ||||
| CVE-2021-21490 | 1 Sap | 1 Netweaver Application Server Abap | 2024-11-21 | 6.1 Medium |
| SAP NetWeaver AS for ABAP (Web Survey), versions - 700, 702, 710, 711, 730, 731, 750, 750, 752, 75A, 75F, does not sufficiently encode input and output parameters which results in reflected cross site scripting vulnerability, through which a malicious user can access data relating to the current session and use it to impersonate a user and access all information with the same rights as the target user. | ||||