CVE-2023-40309 — CVSS 9.8 (critical): SAP CommonCryptoLib does not perform necessary authentication checks, which may result in missing or wrong authorization checks for an…
CVE-2023-40308 — CVSS 7.5 (high): SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption…
CVE-2024-33005 — CVSS 6.3 (medium): Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP…
CVE-2023-26457 — CVSS 6.1 (medium): SAP Content Server - version 7.53, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS)…
CVE-2015-4157 — CVSS 5.0 (medium): SAP Content Server allows remote attackers to cause a denial of service (service termination) via unspecified vectors, aka SAP Security…