Sap Internet Graphics Server — known CVE vulnerabilities
Every CVE whose affected-product data names Sap Internet Graphics Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (28)
CVE-2006-6346 — CVSS 10.0 (critical): Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 15 and earlier, and 7.00 Patchlevel 3 and earlier, allows…
CVE-2018-2437 — CVSS 9.1 (critical): The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions…
CVE-2018-2395 — CVSS 8.8 (high): Under certain conditions a malicious user may retrieve information on SAP Internet Graphic Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53…
CVE-2018-2442 — CVSS 8.8 (high): In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the…
CVE-2006-4133 — CVSS 7.5 (high): Heap-based buffer overflow in SAP Internet Graphics Service (IGS) 6.40 and earlier, and 7.00 and earlier, allows remote attackers to cause…
CVE-2006-6345 — CVSS 7.5 (high): Directory traversal vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 16 and earlier, and 7.00 Patchlevel 6 and earlier…
CVE-2018-2392 — CVSS 7.5 (high): Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity…
CVE-2018-2393 — CVSS 7.5 (high): Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity…
CVE-2018-2438 — CVSS 7.5 (high): The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has several denial-of-service vulnerabilities that allow an…
CVE-2018-2385 — CVSS 6.5 (medium): Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet…
CVE-2018-2387 — CVSS 6.5 (medium): A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to obtain information on…
CVE-2018-2390 — CVSS 6.5 (medium): Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20…
CVE-2018-2391 — CVSS 6.5 (medium): Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20…
CVE-2018-2394 — CVSS 6.5 (medium): Under certain conditions an unauthenticated malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server…
CVE-2018-2382 — CVSS 6.5 (medium): A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to store graphics in a…
CVE-2018-2396 — CVSS 6.5 (medium): Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20…
CVE-2018-2420 — CVSS 6.5 (medium): SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to upload any file (including script files) without…
CVE-2018-2384 — CVSS 6.5 (medium): Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimate users from accessing the SAP Internet…
CVE-2018-2386 — CVSS 6.5 (medium): Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP…
CVE-2018-2388 — CVSS 6.1 (medium): Stored cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53.
CVE-2018-2383 — CVSS 6.1 (medium): Reflected cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53.
CVE-2018-2439 — CVSS 5.9 (medium): The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has insufficient request validation (for example, where the…
CVE-2018-2389 — CVSS 5.7 (medium): Under certain conditions a malicious user can inject log files of SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53…
CVE-2018-2423 — CVSS 5.3 (medium): SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, HTTP and RFC listener allows an attacker to prevent legitimate users…
CVE-2018-2421 — CVSS 5.3 (medium): SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to prevent legitimate users from…
CVE-2018-2422 — CVSS 5.3 (medium): SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to prevent legitimate users from…
CVE-2006-4134 — CVSS 5.0 (medium): Unspecified vulnerability related to a "design flaw" in SAP Internet Graphics Service (IGS) 6.40 and earlier and 7.00 and earlier allows…
CVE-2007-3613 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in ADM:GETLOGFILE in SAP Internet Graphics Service (IGS) allows remote attackers to inject…