cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score CVE-2021-27597,https://securityvulnerability.io/vulnerability/CVE-2021-27597,,"SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83, allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network which will trigger an internal error in the system due to improper input validation in method memmove() causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.",SAP,SAP Netweaver As For Abap (rfc Gateway),7.5,HIGH,0.0010900000343099236,false,false,false,false,,false,false,2021-06-09T00:00:00.000Z,0 CVE-2021-27634,https://securityvulnerability.io/vulnerability/CVE-2021-27634,,"SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83, allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network which will trigger an internal error in the system due to improper input validation in method ThCpicDtCreate () causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.",SAP,SAP Netweaver As For Abap (rfc Gateway),7.5,HIGH,0.001180000021122396,false,false,false,false,,false,false,2021-06-09T00:00:00.000Z,0 CVE-2021-27633,https://securityvulnerability.io/vulnerability/CVE-2021-27633,,"SAP NetWeaver AS for ABAP (RFC Gateway), versions - KRNL32NUC - 7.22,7.22EXT, KRNL64NUC - 7.22,7.22EXT,7.49, KRNL64UC - 8.04,7.22,7.22EXT,7.49,7.53,7.73, KERNEL - 7.22,8.04,7.49,7.53,7.73,7.77,7.81,7.82,7.83, allows an unauthenticated attacker without specific knowledge of the system to send a specially crafted packet over a network which will trigger an internal error in the system due to improper input validation in method ThCPIC() causing the system to crash and rendering it unavailable. In this attack, no data in the system can be viewed or modified.",SAP,SAP Netweaver As For Abap (rfc Gateway),7.5,HIGH,0.001180000021122396,false,false,false,false,,false,false,2021-06-09T00:00:00.000Z,0 CVE-2019-0338,https://securityvulnerability.io/vulnerability/CVE-2019-0338,,"During an OData V2/V4 request in SAP Gateway, versions 750, 751, 752, 753, the HTTP Header attributes cache-control and pragma were not properly set, allowing an attacker to access restricted information, resulting in Information Disclosure.",SAP,SAP Gateway,5.3,MEDIUM,0.0008999999845400453,false,false,false,false,,false,false,2019-08-14T13:49:43.000Z,0 CVE-2019-0319,https://securityvulnerability.io/vulnerability/CVE-2019-0319,,"The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it's not.",SAP,SAP Gateway,7.5,HIGH,0.0645499974489212,false,false,false,false,,false,false,2019-07-10T18:51:55.000Z,0 CVE-2019-0248,https://securityvulnerability.io/vulnerability/CVE-2019-0248,,"Under certain conditions SAP Gateway of ABAP Application Server (fixed in SAP_GWFND 7.5, 7.51, 7.52, 7.53; SAP_BASIS 7.5) allows an attacker to access information which would otherwise be restricted.",SAP,"SAP Gateway Of Abap Application Server(SAP Gwfnd),SAP Gateway Of Abap Application Server(SAP Basis)",5.9,MEDIUM,0.002689999993890524,false,false,false,false,,false,false,2019-01-08T20:00:00.000Z,0 CVE-2018-2433,https://securityvulnerability.io/vulnerability/CVE-2018-2433,,"SAP Gateway (SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.21, 7.22, 7.45, 7.49 and 7.53) allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.",SAP,SAP Gateway,7.5,HIGH,0.001180000021122396,false,false,false,false,,false,false,2018-07-10T18:00:00.000Z,0