📦 NetWeaver Application Server Java

by SAP

🛡️ Security Overview

⚠️ Known Vulnerabilities

CVE-2023-40309

CRITICAL CVSS 9.8 Sep 12, 2023

CVE-2023-40309 is an authentication bypass vulnerability in SAP CommonCryptoLib that allows authenticated users to escalate privileges by bypassing authorization checks. This affects SAP applications ...

CVE-2022-22532

CRITICAL CVSS 9.8 Feb 9, 2022

CVE-2022-22532 is a critical memory corruption vulnerability in SAP NetWeaver Application Server Java that allows unauthenticated attackers to execute arbitrary code via crafted HTTP requests. This co...

CVE-2021-37535

CRITICAL CVSS 9.8 Sep 14, 2021

CVE-2021-37535 is a critical authorization bypass vulnerability in SAP NetWeaver Application Server Java's JMS Connector Service. It allows attackers to execute unauthorized actions without proper pri...

CVE-2020-26829

CRITICAL CVSS 10.0 Dec 9, 2020

CVE-2020-26829 is a critical authentication bypass vulnerability in SAP NetWeaver AS JAVA's P2P cluster communication. It allows unauthenticated attackers to connect to cluster services from outside t...

CVE-2024-34688

HIGH CVSS 7.5 Jun 11, 2024

This vulnerability in SAP NetWeaver AS Java allows attackers to perform denial-of-service attacks by exploiting unrestricted access to Meta Model Repository services. This affects all SAP NetWeaver AS...

CVE-2024-24743

HIGH CVSS 8.6 Feb 13, 2024

CVE-2024-24743 is an XML external entity (XXE) vulnerability in SAP NetWeaver AS Java's Guided Procedures component. Unauthenticated attackers can submit malicious XML files to access sensitive files ...

CVE-2021-33670

HIGH CVSS 7.5 Jul 14, 2021

CVE-2021-33670 is a denial-of-service vulnerability in SAP NetWeaver AS for Java's HTTP Service Monitoring Filter. Attackers can crash the filter by sending multiple HTTP requests with different metho...

CVE-2025-42926

MEDIUM CVSS 5.3 Sep 9, 2025

SAP NetWeaver Application Server Java has an authentication bypass vulnerability that allows unauthenticated attackers to access internal files. This could expose sensitive system information but does...

CVE-2026-23686

LOW CVSS 3.4 Feb 10, 2026

This CRLF injection vulnerability in SAP NetWeaver Application Server Java allows authenticated administrators to inject malicious entries into configuration files by submitting specially crafted cont...