Vulnerabilities > SAP > Advanced Business Application Programming Platform Krnl64Uc
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-06-12 | CVE-2019-0304 | Code Injection vulnerability in SAP products FTP Function of SAP NetWeaver AS ABAP Platform, versions- KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.45, 7.49, 7.53, 7.73, allows an attacker to inject code or specifically manipulated command that can be executed by the application. | 7.5 |
2019-03-12 | CVE-2019-0270 | Missing Authorization vulnerability in SAP products ABAP Server of SAP NetWeaver and ABAP Platform fail to perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | 6.5 |
2019-02-15 | CVE-2019-0265 | XXE vulnerability in SAP products SLD Registration of ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. | 4.0 |
2019-02-15 | CVE-2019-0255 | Improper Input Validation vulnerability in SAP products SAP NetWeaver AS ABAP Platform, Krnl64nuc 7.74, krnl64UC 7.73, 7.74, Kernel 7.73, 7.74, 7.75, fails to validate type of installation for an ABAP Server system correctly. | 5.5 |