Vulnerabilities > SAP > Netweaver > 7.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-04-10 | CVE-2016-10311 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP Netweaver Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238. | 7.5 |
| 2016-04-14 | CVE-2016-4015 | Denial of Service vulnerability in SAP NetWeaver Enqueue Server The Enqueue Server in SAP NetWeaver JAVA AS 7.1 through 7.4 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka SAP Security Note 2258784. | 5.0 |
| 2016-04-14 | CVE-2016-4014 | XML External Entity Injection vulnerability in SAP Netweaver 7.4 XML external entity (XXE) vulnerability in the UDDI component in SAP NetWeaver JAVA AS 7.4 allows remote attackers to cause a denial of service (system hang) via a crafted DTD in an XML request to uddi/api/replication, aka SAP Security Note 2254389. | 9.0 |