Vulnerabilities > SAP

DATE CVE VULNERABILITY TITLE RISK
2022-06-14 CVE-2022-32241 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated Portable Document Format (.pdf, PDFView.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
5.5
2022-06-14 CVE-2022-32242 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated Radiance Picture (.hdr, hdr.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
5.5
2022-06-14 CVE-2022-32243 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated Scalable Vector Graphics (.svg, svg.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
5.5
2022-06-14 CVE-2022-32236 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
5.5
2022-06-14 CVE-2022-32237 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
5.5
2022-06-14 CVE-2022-32238 Improper Input Validation vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated Encapsulated Post Script (.eps, ai.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap CWE-20
5.5
2022-06-14 CVE-2022-32239 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
local
low complexity
sap
5.5
2022-06-14 CVE-2022-29614 Unspecified vulnerability in SAP Host Agent and Netweaver Abap
SAP startservice - of SAP NetWeaver Application Server ABAP, Application Server Java, ABAP Platform and HANA Database - versions KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, 7.88, KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, SAPHOSTAGENT 7.22, - on Unix systems, s-bit helper program sapuxuserchk, can be abused physically resulting in a privilege escalation of an attacker leading to low impact on confidentiality and integrity, but a profound impact on availability.
low complexity
sap
5.0
2022-06-14 CVE-2022-29615 Unspecified vulnerability in SAP Netweaver Developer Studio 7.50
SAP NetWeaver Developer Studio (NWDS) - version 7.50, is based on Eclipse, which contains the logging framework log4j in version 1.x.
local
low complexity
sap
3.4
2022-06-14 CVE-2022-29618 Unspecified vulnerability in SAP Netweaver Development Infrastructure
Due to insufficient input validation, SAP NetWeaver Development Infrastructure (Design Time Repository) - versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to inject script into the URL and execute code in the user’s browser.
network
low complexity
sap
6.1