Every CVE whose affected-product data names Sap Sap Db, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2007-3614 — CVSS 7.5 (high): Multiple stack-based buffer overflows in waHTTP.exe (aka the SAP DB Web Server) in SAP DB, possibly 7.3 through 7.5, allow remote attackers…
CVE-2003-0941 — CVSS 7.5 (high): web-tools in SAP DB before 7.4.03.30 allows remote attackers to access the Web Agent Administration pages and modify configuration via a…
CVE-2003-0942 — CVSS 7.5 (high): Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary…
CVE-2003-0943 — CVSS 7.5 (high): web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain…
CVE-2003-0944 — CVSS 7.5 (high): Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via…
CVE-2003-0945 — CVSS 7.5 (high): The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to…
CVE-2003-0939 — CVSS 7.5 (high): eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may allow remote attackers to execute…
CVE-2003-0938 — CVSS 7.2 (high): vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM privileges via a malicious "NETAPI32.DLL"…
CVE-2003-1033 — CVSS 7.2 (high): The (1) instdbmsrv and (2) instlserver programs in SAP DB Development Tools 7.x trust the user-provided INSTROOT environment variable as a…
CVE-2002-1576 — CVSS 7.2 (high): lserver in SAP DB 7.3 and earlier uses the current working directory to find and execute the lserversrv program, which allows local users…
CVE-2003-0265 — CVSS 6.2 (medium): Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid…
CVE-2003-0940 — CVSS 5.0 (medium): Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB before 7.4.03.30 allows remote attackers to read arbitrary files via…