Vulnerabilities > SAP > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2014-04-10 | CVE-2013-7363 | Unspecified vulnerability in SAP Solution Manager Unspecified vulnerability in the Diagnostics (SMD) agent in SAP Solution Manager allows remote attackers to obtain sensitive information, modify the configuration of applications, and install or remove applications via vectors involving the P4 protocol. | 7.5 |
2014-04-10 | CVE-2013-7362 | Code Injection vulnerability in SAP Ccms Agent An unspecified RFC function in SAP CCMS Agent allows remote attackers to execute arbitrary commands via unknown vectors. | 7.5 |
2014-04-10 | CVE-2013-7360 | Arbitrary File Read and Write vulnerability in SAP Adminadapter Unspecified vulnerability in SAP adminadapter allows remote attackers to read or write to arbitrary files via unknown vectors. | 7.5 |
2014-04-10 | CVE-2013-7355 | SQL Injection vulnerability in SAP BI Universal Data Integration SQL injection vulnerability in SAP BI Universal Data Integration allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to the J2EE schema. | 7.5 |
2013-12-13 | CVE-2013-7096 | SQL Injection vulnerability in SAP EMR Unwired Multiple SQL injection vulnerabilities in SAP EMR Unwired allow remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2013-12-13 | CVE-2013-7094 | SQL Injection vulnerability in SAP Netweaver 7.30 SQL injection vulnerability in the RSDDCVER_COUNT_TAB_COLS function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2013-11-23 | CVE-2013-6869 | SQL Injection vulnerability in SAP Netweaver 7.30 SQL injection vulnerability in the SRTT_GET_COUNT_BEFORE_KEY_RFC function in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |
2013-10-26 | CVE-2013-6284 | Unspecified vulnerability in SAP ERP Central Component Unspecified vulnerability in the Statutory Reporting for Insurance (FS_SR) component in the Financial Services module for SAP ERP Central Component (ECC) allows attackers to execute arbitrary code via unspecified vectors, related to a "code injection vulnerability." | 7.5 |
2013-09-12 | CVE-2013-5723 | SQL Injection vulnerability in SAP Netweaver 7.30 SQL injection vulnerability in SAP NetWeaver 7.30 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, related to "ABAD0_DELETE_DERIVATION_TABLE." | 7.5 |
2008-02-06 | CVE-2008-0621 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in SAP Sapgui, Saplpd and Sapsprint Buffer overflow in SAPLPD 6.28 and earlier included in SAP GUI 7.10 and SAPSprint before 1018 allows remote attackers to execute arbitrary code via long arguments to the (1) 0x01, (2) 0x02, (3) 0x03, (4) 0x04, and (5) 0x05 LPD commands. | 7.5 |