Vulnerabilities > SAP > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-02-14 | CVE-2018-2390 | Unspecified vulnerability in SAP Internet Graphics Server Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, via IGS Chart service. | 6.5 |
2018-02-14 | CVE-2018-2389 | Improper Encoding or Escaping of Output vulnerability in SAP Internet Graphics Server Under certain conditions a malicious user can inject log files of SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, hiding important information in the log file. | 5.7 |
2018-02-14 | CVE-2018-2388 | Cross-site Scripting vulnerability in SAP Internet Graphics Server Stored cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53. | 6.1 |
2018-02-14 | CVE-2018-2387 | Unspecified vulnerability in SAP Internet Graphics Server A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to obtain information on ports, which is not available to the user otherwise. | 6.5 |
2018-02-14 | CVE-2018-2386 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP Internet Graphics Server Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53. | 6.5 |
2018-02-14 | CVE-2018-2385 | Divide By Zero vulnerability in SAP Internet Graphics Server Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services. | 6.5 |
2018-02-14 | CVE-2018-2384 | NULL Pointer Dereference vulnerability in SAP Internet Graphics Server Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, and its services. | 6.5 |
2018-02-14 | CVE-2018-2383 | Cross-site Scripting vulnerability in SAP Internet Graphics Server Reflected cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53. | 6.1 |
2018-02-14 | CVE-2018-2382 | Unspecified vulnerability in SAP Internet Graphics Server A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to store graphics in a controlled area and as such gain information from system area, which is not available to the user otherwise. | 6.5 |
2018-02-14 | CVE-2018-2379 | Information Exposure Through an Error Message vulnerability in SAP Hana Extended Application Services 1.0 In SAP HANA Extended Application Services, 1.0, an unauthenticated user could test if a given username is valid by evaluating error messages of a specific endpoint. | 6.5 |