Vulnerabilities > SAP > Netweaver Application Server Java > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-02-16 | CVE-2016-2386 | SQL Injection vulnerability in SAP Netweaver Application Server Java 7.40 SQL injection vulnerability in the UDDI server in SAP NetWeaver J2EE Engine 7.40 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Security Note 2101079. | 9.8 |