Vulnerabilities > SAP > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-05-11 CVE-2022-29610 Unspecified vulnerability in SAP Netweaver Application Server Abap
SAP NetWeaver Application Server ABAP allows an authenticated attacker to upload malicious files and delete (theme) data, which could result in Stored Cross-Site Scripting (XSS) attack.
network
low complexity
sap
5.4
2022-05-11 CVE-2022-29613 Unspecified vulnerability in SAP Employee Self Service 605
Due to insufficient input validation, SAP Employee Self Service allows an authenticated attacker with user privileges to alter employee number.
network
low complexity
sap
4.3
2022-04-12 CVE-2022-22541 Unspecified vulnerability in SAP Businessobjects Business Intelligence Platform 420/430
SAP BusinessObjects Business Intelligence Platform - versions 420, 430, may allow legitimate users to access information they shouldn't see through relational or OLAP connections.
network
low complexity
sap
6.5
2022-04-12 CVE-2022-26105 Unspecified vulnerability in SAP Netweaver Enterprise Portal
SAP NetWeaver Enterprise Portal - versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, is susceptible to script execution attack by an unauthenticated attacker due to improper sanitization of the user inputs while interacting on the Network.
network
low complexity
sap
6.1
2022-04-12 CVE-2022-26106 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens a manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
network
low complexity
sap
6.5
2022-04-12 CVE-2022-26107 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
network
low complexity
sap
6.5
2022-04-12 CVE-2022-26108 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens a manipulated Picture Exchange (.pcx, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
network
low complexity
sap
6.5
2022-04-12 CVE-2022-26109 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens a manipulated Portable Document Format (.pdf, PDFView.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
network
low complexity
sap
6.5
2022-04-12 CVE-2022-27654 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens a manipulated Photoshop Document (.psd, 2d.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
network
low complexity
sap
6.5
2022-04-12 CVE-2022-27655 Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9
When a user opens a manipulated Universal 3D (.u3d, 3difr.x3d) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.
network
low complexity
sap
6.5