Every CVE whose affected-product data names Sap Afaria, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2015-8753 — CVSS 9.1 (critical): SAP Afaria 7.0.6001.5 allows remote attackers to bypass authorization checks and wipe or lock mobile devices via a crafted request, related…
CVE-2015-4092 — CVSS 7.5 (high): Buffer overflow in the XComms process in SAP Afaria 7.00.6620.2 SP5 allows remote attackers to cause a denial of service (crash) or…
CVE-2015-2816 — CVSS 7.5 (high): The XcListener in SAP Afaria 7.0.6001.5 does not properly restrict access, which allows remote attackers to have unspecified impact via a…
CVE-2015-4161 — CVSS 7.5 (high): SAP Afaria does not properly restrict access to unspecified functionality, which allows remote attackers to obtain sensitive information…
CVE-2015-3449 — CVSS 7.2 (high): The Windows client in SAP Afaria 7.0.6398.0 uses weak permissions (Everyone: read and Everyone: write) for the install folder, which allows…
CVE-2015-2820 — CVSS 5.0 (medium): Buffer overflow in XcListener in SAP Afaria 7.0.6001.5 allows remote attackers to cause a denial of service (process termination) via a…
CVE-2015-6663 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Client form in the Device Inspector page in SAP Afaria 7 allows remote attackers to inject…