Total
32236 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-2459 | 1 Sap | 1 Mobile Platform | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Users of an SAP Mobile Platform (version 3.0) Offline OData application, which uses Offline OData-supplied delta tokens (which is on by default), occasionally receive some data values of a different user. | |||||
| CVE-2018-2458 | 1 Sap | 1 Business One | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Under certain conditions, Crystal Report using SAP Business One, versions 9.2 and 9.3, connection type allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2018-2457 | 1 Sap | 1 Adaptive Server Enterprise | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Under certain conditions SAP Adaptive Server Enterprise, version 16.0, allows some privileged users to access information which would otherwise be restricted. | |||||
| CVE-2018-2448 | 1 Sap | 1 Supplier Relationship Management Mdm Catalog | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Under certain conditions SAP SRM-MDM (CATALOG versions 3.0, 7.01, 7.02) utilities functionality allows an attacker to access information of user existence which would otherwise be restricted. | |||||
| CVE-2018-2446 | 1 Sap | 1 Businessobjects Business Intelligence | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Admin tools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allow an unauthenticated user to read sensitive information (server name), hence leading to an information disclosure. | |||||
| CVE-2018-2441 | 1 Sap | 1 Sap Kernel | 2024-11-21 | 5.5 MEDIUM | 5.5 MEDIUM |
| Under certain conditions the SAP Change and Transport System (ABAP), SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49, 7.53 and 7.73, allows an attacker to transport information which would otherwise be restricted. | |||||
| CVE-2018-2438 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has several denial-of-service vulnerabilities that allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. | |||||
| CVE-2018-2437 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: disclosure of information and malicious file insertion or modification. | |||||
| CVE-2018-2433 | 1 Sap | 1 Sap Kernel | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| SAP Gateway (SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49 and 7.53) allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. | |||||
| CVE-2018-2428 | 1 Sap | 2 Infrastructure, Ui | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Under certain conditions SAP UI5 Handler allows an attacker to access information which would otherwise be restricted. Software components affected are: SAP Infrastructure 1.0, SAP UI 7.4, 7.5, 7.51, 7.52 and version 2.0 of SAP UI for SAP NetWeaver 7.00. | |||||
| CVE-2018-2425 | 1 Sap | 1 Business One | 2024-11-21 | 2.1 LOW | 8.4 HIGH |
| Under certain conditions, SAP Business One, 9.2, 9.3, for SAP HANA backup service allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2018-2423 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, HTTP and RFC listener allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. | |||||
| CVE-2018-2422 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. | |||||
| CVE-2018-2421 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. | |||||
| CVE-2018-2417 | 1 Sap | 1 Identity Management | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Under certain conditions, the SAP Identity Management 8.0 (pass of type ToASCII) allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2018-2403 | 1 Sap | 1 Disclosure Management | 2024-11-21 | 4.0 MEDIUM | 5.4 MEDIUM |
| Under certain conditions, SAP Disclosure Management 10.1 allows an attacker to access information which would otherwise be restricted. It is possible for an authorized user to get SAP Disclosure Management to point a specific chapter type to a chapter the user has not been given access to. | |||||
| CVE-2018-2400 | 1 Redwood | 1 Sap Business Process Automation | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Under certain conditions SAP Business Process Automation (BPA) By Redwood, 9.00, 9.10, allows an attacker to access information which would otherwise be restricted. | |||||
| CVE-2018-2396 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, using IGS Interpreter service. | |||||
| CVE-2018-2395 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Under certain conditions a malicious user may retrieve information on SAP Internet Graphic Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, overwrite existing image or corrupt other type of files. | |||||
| CVE-2018-2394 | 1 Sap | 1 Internet Graphics Server | 2024-11-21 | 5.0 MEDIUM | 6.5 MEDIUM |
| Under certain conditions an unauthenticated malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, services and/or system files. | |||||