Repository to keep track of all my high/critical findings.

lmkalg/my_cves

My high/critical CVEs

The following table lists all my findings rated high or critical (CVSS > 7.0).

| Vendor | CVE | CVSS | Patch | Description |
|---|---|---|---|---|
| SAP | CVE-2020-6287 | 10.0 | 2934135 | [SAP RECON] SAP JAVA: Unauthenticated execution of configuration tasks (create admin user) |
| SAP | CVE-2020-6207 | 10.0 | 2890213 | SAP SolMan: Unauthenticated RCE in agents |
| SAP | CVE-2020-6207 | 9.9 | 2890213 | SAP SolMan: Authenticated RCE in agents in SP 11 PL 2 |
| SAP | CVE-2020-26820 | 9.1 | 2979062 | Privilege escalation in SAP NetWeaver Application Server for Java (UDDI Server) |
| SAP | CVE-2019-0330 | 9.1 | 2808158 | SAP SMD: OS Command Injection whitelist bypass |
| SAP | CVE-2016-7435 | 9.1 | 2260344 | OS command Injection in SCTC_* Functions |
| SAP | NOT ASSIGNED | 9.1 | 2371726 | OS command injection in BRAN_DIR_CREATE |
| SAP | NOT ASSIGNED | 9.1 | 2357141 | OS command injection in TERM_TBX_EXPORT |
| SAP | CVE-2016-6144 | 9.0 | 2216869 | HANA SYSTEM user brute force attack |
| SAP | CVE-2019-0277 | 8.7 | 2764283 | XXE in SLDREG binary |
| SAP | CVE-2021-27635 | 8.7 | 3053066 | XXE in SAP JAVA NetWeaver System Connections |
| SAP | CVE-2018-2373 | 8.6 | 2589129 | SAP HANA XSA: Blind boolean-based SQL Injection |
| SAP | CVE-2020-6235 | 8.6 | 2906994 | SAP Solman: Unauthenticated Remote file disclosure |
| SAP | CVE-2020-26837 | 8.5 | 2983204 | SAP Solman: Authenticated path traversal in EEM scripts |
| SAP | NOT ASSIGNED | 8.5 | 2408892 | Missing authority check DOE_REINITIALIZE_DEVICE |
| SAP | CVE-2020-6271 | 8.2 | 2931391 | SAP Solman: Missing XML validation |
| SAP | CVE-2019-0363 | 7.7 | 2817491 | SAP HANA XSA: DoS UUA Component |
| SAP | CVE-2020-26830 | 7.6 | 2983204 | SAP Solman: Missing authorization check when executing EEM activities |
| SAP | CVE-2020-6309 | 7.5 | 2941315 | SAP JAVA: Unauthenticated DoS |
| SAP | CVE-2020-6191 | 7.2 | 2878030 | SAP Host Agent: Root local privilege escalation in several functions through LaMa |
| SAP | CVE-2020-6192 | 7.2 | 2877968 | SAP Host Agent: Root local privilege escalation in several functions through LaMa |
| SAP | CVE-2020-6234 | 7.2 | 2902645 | SAP Host Agent: Root local privilege escalation in several functions |
| SAP | CVE-2018-2375 | 7.1 | 2589129 | SAP HANA XSA: Plain password disclosure |
| SAP | CVE-2018-2376 | 7.1 | 2589129 | SAP HANA XSA: Plain password disclosure |

Vendors Recognition page
