Vulnerabilities > SAP > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-31 | CVE-2016-6856 | Cross-site Scripting vulnerability in SAP Hybris Cross-site scripting (XSS) vulnerability in the Inbox Search feature in Hybris Management Console (HMC) in SAP Hybris before 6.0 allows remote attackers to inject arbitrary web script or HTML via the itemsperpage parameter. | 6.1 |
| 2016-12-14 | CVE-2016-3685 | Use of Hard-coded Credentials vulnerability in SAP Download Manager 1.1.3.0/2.1.142 SAP Download Manager 2.1.142 and earlier generates an encryption key from a small key space on Windows and Mac systems, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of a hardcoded key in the program code and a computer BIOS serial number, aka SAP Security Note 2282338. | 4.7 |
| 2016-12-14 | CVE-2016-3684 | Unspecified vulnerability in SAP Download Manager 1.1.3.0/2.1.142 SAP Download Manager 2.1.142 and earlier uses a hardcoded encryption key to protect stored data, which allows context-dependent attackers to obtain sensitive configuration information by leveraging knowledge of this key, aka SAP Security Note 2282338. | 4.7 |
| 2016-11-23 | CVE-2016-9563 | XXE vulnerability in SAP Netweaver Application Server Java 7.50 BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909. | 6.5 |
| 2016-10-13 | CVE-2016-4407 | Improper Access Control vulnerability in SAP Sapcryptolib 5.555.38 The DSA algorithm implementation in SAP SAPCRYPTOLIB 5.555.38 does not properly check signatures, which allows remote authenticated users to impersonate arbitrary users via unspecified vectors, aka SAP Security Note 2223008. | 6.5 |
| 2016-10-13 | CVE-2016-3638 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SAP SLD Registration SAP SLD Registration Program (aka SLDREG) allows local users to cause a denial of service (memory corruption and process termination) via a crafted HOST parameter, aka SAP Security Note 2125623. | 5.5 |
| 2016-09-27 | CVE-2016-6146 | Information Exposure vulnerability in SAP Trex 7.10 The NameServer in SAP TREX 7.10 Revision 63 allows remote attackers to obtain sensitive TNS information via an unspecified query, aka SAP Security Note 2234226. | 5.3 |
| 2016-09-26 | CVE-2016-3639 | Information Exposure vulnerability in SAP Hana DB 1.00.091.00.1418659308 SAP HANA DB 1.00.091.00.1418659308 allows remote attackers to obtain sensitive topology information via an unspecified HTTP request, aka SAP Security Note 2176128. | 4.3 |
| 2016-08-13 | CVE-2016-5847 | Permissions, Privileges, and Access Controls vulnerability in SAP Sapcar Archive Tool SAP SAPCAR allows local users to change the permissions of arbitrary files and consequently gain privileges via a hard link attack on files extracted from an archive, possibly related to SAP Security Note 2327384. | 5.8 |
| 2016-08-13 | CVE-2016-5845 | Unspecified vulnerability in SAP Sapcar SAP SAPCAR does not check the return value of file operations when extracting files, which allows remote attackers to cause a denial of service (program crash) via an invalid file name in an archive file, aka SAP Security Note 2312905. | 5.5 |