what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

SAP NetWeaver ABAP Enqueue Memory Corruption
Posted Oct 22, 2021
Authored by Yvan Genuer | Site onapsis.com

SAP NetWeaver ABAP Enqueue service suffers from multiple memory corruption vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2021-27606, CVE-2021-27629, CVE-2021-27630, CVE-2021-27631, CVE-2021-27632
SHA-256 | 311841e1ce77e5cac126339df98efcba8eda52f242b8a567340833179c8bd6c5

Related Files

SAP NetWeaver ABAP IGS Memory Corruption
Posted Oct 22, 2021
Authored by Yvan Genuer | Site onapsis.com

The SAP NetWeaver ABAP IGS service suffers from multiple memory corruption vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2021-27620, CVE-2021-27622, CVE-2021-27624, CVE-2021-27625, CVE-2021-27626, CVE-2021-27627
SHA-256 | 2d1f0734303783a8b47a886f91b23670d4395d5d4ed4501f6e4af6001b97b2b7
SAP NetWeaver ABAP Gateway Memory Corruption
Posted Oct 22, 2021
Authored by Yvan Genuer | Site onapsis.com

The SAP NetWeaver ABAP Gateway service suffers from multiple memory corruption vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2021-27597, CVE-2021-27633, CVE-2021-27634
SHA-256 | da1fec63d0f864232e684c79171e0e2cc4a5296c2ce6bd0702518810eabac2ea
SAP NetWeaver ABAP Dispatcher Service Memory Corruption
Posted Oct 22, 2021
Authored by Yvan Genuer | Site onapsis.com

SAP NetWeaver ABAP Dispatcher service suffers from memory corruption vulnerabilities. An unauthenticated attacker without specific knowledge of the system can send a specially crafted packet over a network which will trigger an internal error in the system causing the system to crash and rendering it unavailable.

tags | advisory, vulnerability
advisories | CVE-2021-27607, CVE-2021-27628
SHA-256 | 17cc60af5d9b943931eeb5cd66b2a4f367a1a9b045b6aa0fe83114111e1f2e37
SAP NetWeaver AS JAVA CRM Log Injection Remote Command Execution
Posted Mar 14, 2018
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA CRM log injection remote command execution exploit.

tags | exploit, java, remote
advisories | CVE-2018-2380
SHA-256 | 3e099354c4a0cc48ef5abaf2930e91c0e1bb6616e3ff003040ac00c3e5138384
SAP NetWeaver AS JAVA 7.4 XXE Injection
Posted Nov 21, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA version 7.4 suffers from an XML external entity (XXE) injection vulnerability.

tags | exploit, java, xxe
SHA-256 | efd99512a1f7388c7f876065269028bfcebd3facd45d7f9528eed91a41312084
SAP NetWeaver AS JAVA 7.4 Denial Of Service
Posted Nov 21, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA version 7.4 suffers from a denial of service vulnerability.

tags | exploit, java, denial of service
SHA-256 | 867f8128690b89340fd1f3685572beeded84a79290e1e6dc540dcd297158cc35
SAP NetWeaver AS JAVA 7.5 Directory Traversal
Posted Nov 19, 2016
Authored by Mathieu Geli

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a directory traversal vulnerability.

tags | exploit, java
SHA-256 | 62cc4d036331589bf67b67e77af5807e4474a073efb99c6620b5006901f5230b
SAP NetWeaver AS ABAP 7.4 Directory Traversal
Posted Nov 19, 2016
Authored by Daria Prosochkina

SAP NetWeaver AS ABAP version 7.4 suffers from a directory traversal vulnerability.

tags | exploit
SHA-256 | 84ff922450ca8f53eaea6f84e5101ea1a2bb7652412f540755f0c5b78015f1e1
SAP NetWeaver AS JAVA 7.4 XXE Injection
Posted Jul 14, 2016
Authored by Vahagn Vardanyan

An attacker can trigger an XML Entity Expansion or XML External Entity Injection. This causes the entire machine to become unresponsive until the process is terminated manually. An attacker can use this flaw to perform a denial-of-service (DoS) attack. SAP NetWeaver AS JAVA version 7.4 is affected.

tags | exploit, java, xxe
advisories | CVE-2016-4014
SHA-256 | 00d680c67dc60d3912397c85f8496bcdaca53ce2cb060a4c8ebe9fc69b59c8a2
SAP NetWeaver AS JAVA 7.4 jstart Denial Of Service
Posted Jun 22, 2016
Authored by Dmitry Yudin

The Java Startup Framework (jstart) in SAP Application server for Java allows remote attackers to cause a denial of service via a crafted request. SAP NetWeaver AS JAVA versions 7.2 through 7.4 are affected.

tags | advisory, java, remote, denial of service
advisories | CVE-2016-3980
SHA-256 | bb3db47d4fcab7f0f9eca2bde8886165421542cd01cf50081af2e14438a6d1d2
SAP NetWeaver AS JAVA 7.5 Cross Site Scripting
Posted Jun 22, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a cross site scripting vulnerability.

tags | exploit, java, xss
SHA-256 | 3227c8ee7e5ffae4107c3102e05d6c483cc347aa6c21ed54de26dc0f839fee13
SAP NetWeaver AS JAVA 7.5 Information Disclosure
Posted Jun 22, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer form an information disclosure vulnerability in WD_CHAT.

tags | exploit, java, info disclosure
advisories | CVE-2016-3973
SHA-256 | c86a0c971a9ddf7d0a42320c53175f15d4860f92751a45e80a3910f467711ef4
SAP NetWeaver AS JAVA 7.5 XXE Injection
Posted Jun 17, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from an XML external entity injection vulnerability.

tags | exploit, java, xxe
advisories | CVE-2016-3974
SHA-256 | 44897fd3de22b74e679203c9cb11f3fb82fcf5325291f376823810d3b828f093
SAP NetWeaver AS JAVA 7.5 Cross Site Scripting
Posted Jun 17, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a cross site scripting vulnerability.

tags | exploit, java, xss
advisories | CVE-2016-3975
SHA-256 | 20052cfd6741d7dfcf904514b3be697e271bc2041eeead1cb9b3ca48a8d8d899
SAP NetWeaver AS JAVA 7.5 Directory Traversal
Posted Jun 17, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a directory traversal vulnerability.

tags | exploit, java
advisories | CVE-2016-3976
SHA-256 | 790e576e203d8d6179e7abc17a655e8165edc85deda7e8a80645173db2db72a8
SAP NetWeaver AS JAVA 7.5 SQL Injection
Posted May 19, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a remote SQL injection vulnerability.

tags | exploit, java, remote, sql injection
advisories | CVE-2016-2386
SHA-256 | db00019357db1804ffea0c5ca76cb4f4042f6423e57de6a275761be682393508
SAP NetWeaver AS JAVA 7.5 Information Disclosure
Posted May 19, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from an information disclosure vulnerability.

tags | exploit, java, info disclosure
advisories | CVE-2016-2388
SHA-256 | ff32f8dfc483575f12d9638b631629d9ab8b592d1ff7efb0bb98169a0fa75462
SAP NetWeaver AS JAVA 7.4 Cross Site Scripting
Posted May 16, 2016
Authored by Vahagn Vardanyan

SAP NetWeaver AS JAVA version 7.4 suffers from a cross site scripting vulnerability.

tags | exploit, java, xss
SHA-256 | 6b5b4efd5d7e256e564699033608a728468786c991209741d89bfdce20049406
SAP NetWeaver J2EE DAS Service Unauthorized Access
Posted Oct 18, 2015
Authored by Alexander Polyakov

In SAP NetWeaver AS JAVA, it is possible to call some of the DAS files without authorization because they do not check if a user is authorized to access some of the JSPs.

tags | advisory, java
SHA-256 | 17e930af4bcb201a5b3c49123d1dd0c39290d43e9d66e4289fe5cec29479a0e8
SAP HANA setTraceLevelsForXsApps SQL Injection
Posted Sep 29, 2015
Authored by Pablo Artuso | Site onapsis.com

Onapsis Security Advisory - SAP HANA suffers from a remote SQL injection vulnerability in the setTraceLevelsForXsApps function. By exploiting this vulnerability an attacker could change configuration settings in the HANA system, affecting the integrity of the data stored and possibly turning the platform unavailable to other users, who won't be able to perform their assigned business operations.

tags | advisory, remote, sql injection
SHA-256 | 7869861a8cf7d5ac351d96a4bde8a820fc9cf69a49a6804cb69e0ab966bc97ce
SAP HANA test-net.xsjs Code Injection
Posted Sep 29, 2015
Authored by Nahuel D. Sanchez, Pablo Artuso | Site onapsis.com

Onapsis Security Advisory - SAP HANA suffers from an XSJS code injection vulnerability in test-net.xsjs. By exploiting this vulnerability a remote authenticated attacker would be able to partially compromise the SAP system as well as all the information processed and stored in the HANA system.

tags | advisory, remote
SHA-256 | 536c2f5bd066d0dd00d1598734d6f710d8be3e982bbd78bef9d75361bc5754eb
SAP HANA _newUser SQL Injection
Posted Sep 29, 2015
Authored by Pablo Artuso | Site onapsis.com

Onapsis Security Advisory - The SAP HANA _newUser function suffers from a remote SQL injection vulnerability. By exploiting this vulnerability an attacker could modify information related to users of the HANA system, affecting the integrity of the data stored.

tags | advisory, remote, sql injection
SHA-256 | f3b215fc645ed5adb73a39c5c8db51b7f63d88844aaeb6ee126baf1e0fc6ffda
SAP HANA _modifyUser SQL Injection
Posted Sep 29, 2015
Authored by Pablo Artuso | Site onapsis.com

Onapsis Security Advisory - The SAP HANA _modifyUser function suffers from a remote SQL injection vulnerability. By exploiting this vulnerability an attacker could modify information related to users of the HANA system, affecting the integrity of the data stored.

tags | advisory, remote, sql injection
SHA-256 | 2bf8dc1f0018c72dd7928ea2e39a57b4c7a243e7a5cde3f12425bfe6876cac15
SAP HANA hdbsql Memory Corruption
Posted Sep 29, 2015
Authored by Nahuel D. Sanchez | Site onapsis.com

Onapsis Security Advisory - SAP HANA hdbsql suffers from multiple memory corruption vulnerabilities. By exploiting this vulnerability an attacker could abuse of management interfaces to execute commands on the HANA system and ultimately compromise all the information stored and processed by the system.

tags | advisory, vulnerability
advisories | CVE-2015-6507
SHA-256 | 368ce04e67548cdb573e6df82ff6477de56a2a3d247070855e42496c9c199e7f
SAP Business Objects Memory Corruption
Posted Sep 23, 2015
Authored by Will Vandevanter | Site onapsis.com

Onapsis Security Advisory - SAP Business Objects suffers from a memory corruption vulnerability. By exploiting this vulnerability an unauthenticated attacker could read or write any business-relevant information from the Business Intelligence Platform and also render the system unavailable to other users.

tags | advisory
SHA-256 | 38f5d4c8882c9a29b1c46ec18ce9b8b283de108c7ffe457c455f9e65e781276c
Page 1 of 4
Back1234Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    12 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close