Vulnerabilities > SAP

DATE CVE VULNERABILITY TITLE RISK
2022-04-12 CVE-2022-26107 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
network
low complexity
sap
6.5
2022-04-12 CVE-2022-26108 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens a manipulated Picture Exchange (.pcx, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
network
low complexity
sap
6.5
2022-04-12 CVE-2022-26109 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens a manipulated Portable Document Format (.pdf, PDFView.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
network
low complexity
sap
6.5
2022-04-12 CVE-2022-27654 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens a manipulated Photoshop Document (.psd, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
network
low complexity
sap
6.5
2022-04-12 CVE-2022-27655 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens a manipulated Universal 3D (.u3d, 3difr.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
network
low complexity
sap
6.5
2022-04-12 CVE-2022-27657 Unspecified vulnerability in SAP Focused RUN 1.0
A highly privileged remote attacker, can gain unauthorized access to display contents of restricted directories by exploiting insufficient validation of path information in SAP Focused Run (Simple Diagnostics Agent 1.0) - version 1.0.
network
low complexity
sap
2.7
2022-04-12 CVE-2022-27667 Unspecified vulnerability in SAP Businessobjects Business Intelligence Platform 430
Under certain conditions, SAP BusinessObjects Business Intelligence platform, Client Management Console (CMC) - version 430, allows an attacker to access information which would otherwise be restricted, leading to Information Disclosure.
network
low complexity
sap
7.5
2022-04-12 CVE-2022-27669 Unspecified vulnerability in SAP Netweaver Application Server for Java 7.50
An unauthenticated user can use functions of XML Data Archiving Service of SAP NetWeaver Application Server for Java - version 7.50, to which access should be restricted.
network
low complexity
sap
7.5
2022-04-12 CVE-2022-27670 Unspecified vulnerability in SAP SQL Anywhere 17.0
SAP SQL Anywhere - version 17.0, allows an authenticated attacker to prevent legitimate users from accessing a SQL Anywhere database server by crashing the server with some queries that use indirect identifiers.
network
low complexity
sap
6.5
2022-04-12 CVE-2022-27671 Unspecified vulnerability in SAP Businessobjects Business Intelligence Platform 420/430
A CSRF token visible in the URL may possibly lead to information disclosure vulnerability.
network
low complexity
sap
6.5