cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-24740,https://securityvulnerability.io/vulnerability/CVE-2024-24740,SAP NetWeaver Application Server (ABAP) Vulnerabilities Allow Access to Restricted Information,"SAP NetWeaver Application Server (ABAP) - versions KERNEL 7.53, KERNEL 7.54, KERNEL 7.77, KERNEL 7.85, KERNEL 7.89, KERNEL 7.93, KERNEL 7.94, KRNL64UC 7.53, under certain conditions, allows an attacker to access information which could otherwise be restricted with low impact on confidentiality of the application. ",SAP,SAP NetWeaver Application Server ABAP (SAP Kernel),5.3,MEDIUM,0.0005000000237487257,false,false,false,false,,false,false,2024-02-13T02:35:21.224Z,0
CVE-2022-22543,https://securityvulnerability.io/vulnerability/CVE-2022-22543,,"SAP NetWeaver Application Server for ABAP (Kernel) and ABAP Platform (Kernel) - versions KERNEL 7.22, 8.04, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, 7.87, KRNL64UC 8.04, 7.22, 7.22EXT, 7.49, 7.53, KRNL64NUC 7.22, 7.22EXT, 7.49, does not sufficiently validate sap-passport information, which could lead to a Denial-of-Service attack. This allows an unauthorized remote user to provoke a breakdown of the SAP Web Dispatcher or Kernel work process. The crashed process can be restarted immediately, other processes are not affected.",SAP,SAP Netweaver Application Server For Abap (kernel) And Abap Platform (kernel),7.5,HIGH,0.0020200000144541264,false,false,false,false,,false,false,2022-02-09T22:05:27.000Z,0
CVE-2021-40501,https://securityvulnerability.io/vulnerability/CVE-2021-40501,,"SAP ABAP Platform Kernel - versions 7.77, 7.81, 7.85, 7.86, does not perform necessary authorization checks for an authenticated business user, resulting in escalation of privileges. That means this business user is able to read and modify data beyond the vulnerable system. However, the attacker can neither significantly reduce the performance of the system nor stop the system.",SAP,SAP Abap Platform Kernel,8.1,HIGH,0.0006399999838322401,false,false,false,false,,false,false,2021-11-10T15:22:15.000Z,0
CVE-2020-6304,https://securityvulnerability.io/vulnerability/CVE-2020-6304,,"Improper input validation in SAP NetWeaver Internet Communication Manager (update provided in KRNL32NUC & KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT KRNL64NUC & KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49 KERNEL 7.21, 7.49, 7.53) allows an attacker to prevent users from accessing its services through a denial of service.",SAP,"SAP Netweaver Internet Communication Manager (krnl32nuc),SAP Netweaver Internet Communication Manager (krnl32uc),SAP Netweaver Internet Communication Manager (krnl64nuc),SAP Netweaver Internet Communication Manager (krnl64uc),SAP Netweaver Internet Communication Manager (kernel)",5.9,MEDIUM,0.0011599999852478504,false,false,false,false,,false,false,2020-01-14T17:52:59.000Z,0
CVE-2019-0365,https://securityvulnerability.io/vulnerability/CVE-2019-0365,,"SAP Kernel (RFC), KRNL32NUC, KRNL32UC and KRNL64NUC before versions 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64UC, before versions 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73 and KERNEL before versions 7.21, 7.49, 7.53, 7.73, 7.76 SAP GUI for Windows (BC-FES-GUI) before versions 7.5, 7.6, and SAP GUI for Java (BC-FES-JAV) before version 7.5, allow an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.",SAP,"SAP Kernel (krnl32nuc),SAP Kernel (krnl32uc),SAP Kernel (krnl64nuc),SAP Kernel (krnl64uc),SAP Kernel (kernel),SAP Gui For Windows (bc-fes-gui),SAP Gui For Java (bc-fes-jav)",7.5,HIGH,0.0011599999852478504,false,false,false,false,,false,false,2019-09-10T16:15:26.000Z,0
CVE-2019-0349,https://securityvulnerability.io/vulnerability/CVE-2019-0349,,"SAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.49, 7.53, 7.73, 7.75, 7.76, 7.77, allows a user to execute “Go to statement” without possessing the authorization S_DEVELOP DEBUG 02, resulting in Missing Authorization Check",SAP,"SAP Kernel (krnl32nuc),SAP Kernel (krnl32uc),SAP Kernel (krnl64nuc),SAP Kernel (krnl64uc),SAP Kernel (kernel)",7.2,HIGH,0.0010400000028312206,false,false,false,false,,false,false,2019-08-14T14:54:52.000Z,0
CVE-2019-0304,https://securityvulnerability.io/vulnerability/CVE-2019-0304,,"FTP Function of SAP NetWeaver AS ABAP Platform, versions- KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.45, 7.49, 7.53, 7.73, allows an attacker to inject code or specifically manipulated command that can be executed by the application. An attacker could thereby control the behaviour of the application.",SAP,"SAP Netweaver As Abap Platform(krnl32nuc),SAP Netweaver As Abap Platform(krnl32uc),SAP Netweaver As Abap Platform(krnl64nuc),SAP Netweaver As Abap Platform(krnl64uc),SAP Netweaver As Abap Platform(kernel)",9.8,CRITICAL,0.0024399999529123306,false,false,false,false,,false,false,2019-06-12T14:21:39.000Z,0
CVE-2017-5997,https://securityvulnerability.io/vulnerability/CVE-2017-5997,,"The SAP Message Server HTTP daemon in SAP KERNEL 7.21-7.49 allows remote attackers to cause a denial of service (memory consumption and process crash) via multiple msgserver/group?group= requests with a crafted size of the group parameter, aka SAP Security Note 2358972.",SAP,SAP Kernel,7.5,HIGH,0.0026499999221414328,false,false,false,false,,false,false,2017-02-15T19:00:00.000Z,0
CVE-2014-9595,https://securityvulnerability.io/vulnerability/CVE-2014-9595,,"Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 32-bit and 7.40 64-bit allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the Spool System, aka SAP Note 2061271.",SAP,SAP Kernel,,,0.009200000204145908,false,false,false,false,,false,false,2015-01-15T15:00:00.000Z,0
CVE-2014-9594,https://securityvulnerability.io/vulnerability/CVE-2014-9594,,"Buffer overflow in the SAP NetWeaver Dispatcher in SAP Kernel 7.00 32-bit and 7.40 64-bit allows remote authenticated users to cause a denial of service or possibly execute arbitrary code via unspecified vectors, related to the ABAP VM, aka SAP Note 2059734.",SAP,SAP Kernel,,,0.009200000204145908,false,false,false,false,,false,false,2015-01-15T15:00:00.000Z,0
CVE-2009-4603,https://securityvulnerability.io/vulnerability/CVE-2009-4603,,"Unspecified vulnerability in sapstartsrv.exe in the SAP Kernel 6.40, 7.00, 7.01, 7.10, 7.11, and 7.20, as used in SAP NetWeaver 7.x and SAP Web Application Server 6.x and 7.x, allows remote attackers to cause a denial of service (Management Console shutdown) via a crafted request. NOTE: some of these details are obtained from third party information.",SAP,SAP Kernel,,,0.007329999934881926,false,false,false,false,,false,false,2010-01-12T17:30:00.000Z,0