SAP® and Oracle® Security Advisories

Onapsis Research Labs is the world’s leading team of security experts who combine their deep knowledge of critical ERP applications and decades of threat research experience to deliver impactful security insights and threat intelligence focused on the business-critical applications from SAP, Oracle, and SaaS providers. Onapsis Research Labs is, far and away, the most prolific and most celebrated contributor of vulnerability research by the SAP Product Security Response Team. No other research team comes close.

SAP HANA
Medium

11/09/2015

SAP HANA TrexNet TNS Information Disclosure

By exploiting this vulnerability, an unauthenticated attacker could obtain technical information of the SAP HANA System which could help facilitate further attacks against the system. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain…

Read More
SAP HANA
Medium

11/09/2015

SAP HANA TrexNet Remote Directory Creation

By exploiting this SAP HANA vulnerability, an unauthenticated attacker could render the system unavailable and potentially overwrite information. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:

Read More
SAP HANA
Medium

11/09/2015

SAP HANA TrexNet Remote Environment Disclosure

By exploiting this vulnerability, an unauthenticated attacker could obtain technical information that could be used by an attacker to facilitate a targeted attack. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following…

Read More
SAP HANA
Medium

11/09/2015

SAP HANA TrexNet Remote File Creation

By exploiting this vulnerability, an unauthenticated attacker could potentially render the system unavailable. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:

Read More
SAP HANA
Medium

11/08/2015

SAP HANA Remote Trace Disclosure

By exploiting this vulnerability, a remote unauthenticated attacker could remotely read technical information that could potentially grant him access to the system. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:

Read More
SAP HANA
Medium

03/12/2015

Multiple Reflected Cross Site Scripting Vulnerabilities in SAP HANA Webbased Development Workbench

By exploiting this vulnerability a remote unauthenticated attacker would be able to attack other users of the system. Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:

Read More
SAP KERNEL
Medium

01/04/2011

SAP Management Console Information Disclosure

By Abusing this SAP KERNEL functionality, a remote and unauthenticated attacker would be able to gain sensitive information from an SAP System. This information would help him in the process of compromising the security of the SAP server through more advanced attacks. Please fill in the following form in order to download the selected Onapsis’…

Read More
789

Page 9 of 9