Every CVE whose affected-product data names Sap Maxdb, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2008-0244 — CVSS 10.0 (critical): SAP MaxDB 7.6.03 build 007 and earlier allows remote attackers to execute arbitrary commands via "&&" and other shell metacharacters in…
CVE-2010-1185 — CVSS 10.0 (critical): Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 through 7.6.06 allows remote attackers to execute arbitrary…
CVE-2008-0307 — CVSS 9.3 (critical): Integer signedness error in vserver in SAP MaxDB 7.6.0.37, and possibly other versions, allows remote attackers to execute arbitrary code…
CVE-2015-2282 — CVSS 7.5 (high): Stack-based buffer overflow in the LZC decompression implementation (CsObjectInt::CsDecomprLZC function in vpa106cslzc.cpp) in SAP MaxDB…
CVE-2018-2450 — CVSS 7.2 (high): SAP MaxDB (liveCache), versions 7.8 and 7.9, allows an attacker who gets DBM operator privileges to execute crafted database queries and…
CVE-2008-0306 — CVSS 6.9 (medium): sdbstarter in SAP MaxDB 7.6.0.37, and possibly other versions, allows local users to execute arbitrary commands by using unspecified…
CVE-2015-2278 — CVSS 5.0 (medium): The LZH decompression implementation (CsObjectInt::BuildHufTree function in vpa108csulzh.cpp) in SAP MaxDB 7.5 and 7.6, Netweaver…
CVE-2008-1810 — CVSS 4.4 (medium): Untrusted search path vulnerability in dbmsrv in SAP MaxDB 7.6.03.15 on Linux allows local users to gain privileges via a modified PATH…