Sap Internet_graphics_server
28 CVEs affecting Sap Internet_graphics_server. Latest disclosed: 2018-08-14. Critical: 1, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2018-2437 | Critical | 9.1 | 2018-07-10 | The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: di… |
CVE-2018-2442 | High | 8.8 | 2018-08-14 | In SAP BusinessObjects Business Intelligence, versions 4.0, 4.1 and 4.2, while viewing a Web Intelligence report from BI Launchpad, the user session details ca… |
CVE-2018-2395 | High | 8.8 | 2018-02-14 | Under certain conditions a malicious user may retrieve information on SAP Internet Graphic Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, overwrite existing im… |
CVE-2018-2438 | High | 7.5 | 2018-07-10 | The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has several denial-of-service vulnerabilities that allow an attacker to prevent legiti… |
CVE-2018-2393 | High | 7.5 | 2018-02-14 | Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SA… |
CVE-2018-2392 | High | 7.5 | 2018-02-14 | Under certain conditions SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53, fails to validate XML External Entity appropriately causing the SA… |
CVE-2018-2420 | Medium | 6.5 | 2018-05-09 | SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to upload any file (including script files) without proper file format… |
CVE-2018-2396 | Medium | 6.5 | 2018-02-14 | Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53… |
CVE-2018-2394 | Medium | 6.5 | 2018-02-14 | Under certain conditions an unauthenticated malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7… |
CVE-2018-2391 | Medium | 6.5 | 2018-02-14 | Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53… |
CVE-2018-2390 | Medium | 6.5 | 2018-02-14 | Under certain conditions a malicious user can prevent legitimate users from accessing the SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53… |
CVE-2018-2387 | Medium | 6.5 | 2018-02-14 | A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to obtain information on ports, which is not… |
CVE-2018-2386 | Medium | 6.5 | 2018-02-14 | Under certain conditions a malicious user provoking an out of bounds buffer overflow can prevent legitimate users from accessing the SAP Internet Graphics Serv… |
CVE-2018-2385 | Medium | 6.5 | 2018-02-14 | Under certain conditions a malicious user provoking a divide by zero crash can prevent legitimate users from accessing the SAP Internet Graphics Server, 7.20… |
CVE-2018-2384 | Medium | 6.5 | 2018-02-14 | Under certain conditions a malicious user provoking a Null Pointer dereference can prevent legitimate users from accessing the SAP Internet Graphics Server, 7… |
CVE-2018-2382 | Medium | 6.5 | 2018-02-14 | A vulnerability in the SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53, could allow a malicious user to store graphics in a controlled area and a… |
CVE-2018-2388 | Medium | 6.1 | 2018-02-14 | Stored cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53. |
CVE-2018-2383 | Medium | 6.1 | 2018-02-14 | Reflected cross-site scripting vulnerability in SAP internet Graphics Server, 7.20, 7.20EXT, 7.45, 7.49, 7.53. |
CVE-2018-2439 | Medium | 5.9 | 2018-07-10 | The SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, has insufficient request validation (for example, where the request is validated for a… |
CVE-2018-2389 | Medium | 5.7 | 2018-02-14 | Under certain conditions a malicious user can inject log files of SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, hiding important informa… |