Total
22706 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-2382 | 1 Sap | 1 Internet Graphics Server | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to store graphics in a controlled area and as such gain information from system area, which is not available to the user otherwise. | |||||
| CVE-2018-2387 | 1 Sap | 1 Internet Graphics Server | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to obtain information on ports, which is not available to the user otherwise. | |||||
| CVE-2018-2395 | 1 Sap | 1 Internet Graphics Server | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| Under certain conditions a malicious user may retrieve information on SAP Internet Graphic Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, overwrite existing image or corrupt other type of files. | |||||
| CVE-2018-2398 | 1 Sap | 1 Business Client | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Under certain conditions SAP Business Client 6.5 allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2018-2400 | 1 Redwood | 1 Sap Business Process Automation | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Under certain conditions SAP Business Process Automation (BPA) By Redwood, 9.00, 9.10, allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2018-2403 | 1 Sap | 1 Disclosure Management | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| Under certain conditions, SAP Disclosure Management 10.1 allows an attacker to access information which would otherwise be restricted. It is possible for an authorized user to get SAP Disclosure Management to point a specific chapter type to a chapter the user has not been given access to. | |||||
| CVE-2018-2417 | 1 Sap | 1 Identity Management | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Under certain conditions, the SAP Identity Management 8.0 (pass of type ToASCII) allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2018-2425 | 1 Sap | 1 Business One | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA backup service allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2018-2428 | 1 Sap | 2 Infrastructure, Ui | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components affected are: SAP Infrastructure 1.0, SAP UI 7.4, 7.5, 7.51, 7.52 and version 2.0 of SAP UI for SAP NetWeaver 7.00. | |||||
| CVE-2018-2433 | 1 Sap | 1 Sap Kernel | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| SAP Gateway (SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49 and 7.53) allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. | |||||
| CVE-2018-2437 | 1 Sap | 1 Internet Graphics Server | 2020-08-24 | 6.4 MEDIUM | 9.1 CRITICAL |
| The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: disclosure of information and malicious file insertion or modification. | |||||
| CVE-2018-2441 | 1 Sap | 1 Sap Kernel | 2020-08-24 | 5.5 MEDIUM | 5.5 MEDIUM |
| Under certain conditions the SAP Change and Transport System (ABAP), SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49, 7.53 and 7.73, allows an attacker to transport information which would otherwise be restricted. | |||||
| CVE-2018-2448 | 1 Sap | 1 Supplier Relationship Management Mdm Catalog | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Under certain conditions SAP SRM-MDM (CATALOG versions 3.0, 7.01, 7.02) utilities functionality allows an attacker to access information of user existence which would otherwise be restricted. | |||||
| CVE-2018-2457 | 1 Sap | 1 Adaptive Server Enterprise | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| Under certain conditions SAP Adaptive Server Enterprise, version 16.0, allows some privileged users to access information which would otherwise be restricted. | |||||
| CVE-2018-2458 | 1 Sap | 1 Business One | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Under certain conditions, Crystal Report using SAP Business One, versions 9.2 and 9.3, connection type allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2019-16273 | 1 Dten | 4 D5, D5 Firmware, D7 and 1 more | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge (adb), leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executing commands on the Android OS. | |||||
| CVE-2018-2467 | 1 Sap | 1 Businessobjects Bi Platform | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| In the Software Development Kit in SAP BusinessObjects BI Platform Servers, versions 4.1 and 4.2, using the specially crafted URL in a Web Browser such as Chrome the system returns an error with the path of the used application server. | |||||
| CVE-2018-2468 | 1 Sap | 1 Adaptive Server Enterprise | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Under certain conditions the backup server in SAP Adaptive Server Enterprise (ASE), versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2018-2469 | 1 Sap | 1 Adaptive Server Enterprise | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Under certain conditions SAP Adaptive Server Enterprise (ASE), versions 15.7 and 16.0, allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2018-2471 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 allows an attacker to access information which would otherwise be restricted. | |||||