Vulnerabilities (CVE)

Filtered by vendor Sap Subscribe
Filtered by product Netweaver
Total 102 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-1592 1 Sap 1 Netweaver 2024-11-21 10.0 HIGH 9.8 CRITICAL
A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code.
CVE-2011-1517 1 Sap 1 Netweaver 2024-11-21 7.5 HIGH 9.8 CRITICAL
SAP NetWeaver 7.0 allows Remote Code Execution and Denial of Service caused by an error in the DiagTraceHex() function. By sending a specially-crafted packet, an attacker could exploit this vulnerability to cause the application to crash.