Vulnerabilities > SAP > Low
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-03-22 | CVE-2021-27594 | Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9 When a user opens manipulated Windows Bitmap (.BMP) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | 3.3 |
2021-03-22 | CVE-2021-27595 | Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9 When a user opens manipulated Portable Document Format (.PDF) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | 3.3 |
2021-03-22 | CVE-2021-27596 | Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9 When a user opens manipulated Autodesk 3D Studio for MS-DOS (.3DS) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | 3.3 |
2021-03-09 | CVE-2021-21493 | Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9 When a user opens manipulated Graphics Interchange Format (.GIF) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | 3.3 |
2021-03-09 | CVE-2021-27584 | Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9 When a user opens manipulated PhotoShop Document (.PSD) format files received from untrusted sources in SAP 3D Visual Enterprise Viewer version 9, the application crashes and becomes temporarily unavailable to the user until restart of the application. | 3.3 |
2020-11-30 | CVE-2020-6317 | Information Exposure Through Log Files vulnerability in SAP Adaptive Server Enterprise 15.7/16.0 In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. | 3.5 |
2020-11-10 | CVE-2020-26807 | Incorrect Default Permissions vulnerability in SAP ERP Client for E-Bilanz 1.0 SAP ERP Client for E-Bilanz, version - 1.0, installation sets Incorrect default filesystem permissions are set in its installation folder which allows anyone to modify the files in the folder. | 3.3 |
2020-07-14 | CVE-2020-6280 | Unspecified vulnerability in SAP Abap Platform and Netweaver Application Server Abap SAP NetWeaver (ABAP Server) and ABAP Platform, versions 731, 740, 750, allows an attacker with admin privileges to access certain files which should otherwise be restricted, leading to Information Disclosure. | 2.7 |
2020-03-10 | CVE-2020-6197 | Insufficient Session Expiration vulnerability in SAP Enable NOW 10/1902 SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner. | 3.3 |
2020-01-14 | CVE-2020-6306 | Missing Authorization vulnerability in SAP Leasing Missing authorization check in a transaction within SAP Leasing (update provided in SAP_APPL 6.18, EA-APPL 6.0, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16 and 6.17). | 2.7 |