Vulnerabilities > SAP > Advanced Business Application Programming Platform Krnl32Uc

DATE CVE VULNERABILITY TITLE RISK
2019-06-12 CVE-2019-0304 Injection vulnerability in SAP products
FTP Function of SAP NetWeaver AS ABAP Platform, versions- KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.45, 7.49, 7.53, 7.73, allows an attacker to inject code or specifically manipulated command that can be executed by the application.
network
low complexity
sap CWE-74
critical
9.8
2019-03-12 CVE-2019-0270 Missing Authorization vulnerability in SAP products
ABAP Server of SAP NetWeaver and ABAP Platform fail to perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
network
low complexity
sap CWE-862
8.8
2019-02-15 CVE-2019-0265 XXE vulnerability in SAP products
SLD Registration of ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.
network
low complexity
sap CWE-611
4.9