Vulnerabilities > SAP > Netweaver > 7.5
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-09 | CVE-2024-27898 | Unspecified vulnerability in SAP Netweaver 7.5 SAP NetWeaver application, due to insufficient input validation, allows an attacker to send a crafted request from a vulnerable web application targeting internal systems behind firewalls that are normally inaccessible to an attacker from the external network, resulting in a Server-Side Request Forgery vulnerability. | 5.3 |
| 2019-01-08 | CVE-2019-0248 | Unspecified vulnerability in SAP Basis and Netweaver Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7.5, 7.51, 7.52, 7.53; SAP_BASIS 7.5) allows an attacker to access information which would otherwise be restricted. | 5.9 |
| 2017-04-10 | CVE-2016-10311 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP Netweaver Stack-based buffer overflow in SAP NetWeaver 7.0 through 7.5 allows remote attackers to cause a denial of service () by sending a crafted packet to the SAPSTARTSRV port, aka SAP Security Note 2295238. | 9.8 |