SAP® and Oracle® Security Advisories

Onapsis Research Labs is the world’s leading team of security experts who combine their deep knowledge of critical ERP applications and decades of threat research experience to deliver impactful security insights and threat intelligence focused on the business-critical applications from SAP, Oracle, and SaaS providers. Onapsis Research Labs is, far and away, the most prolific and most celebrated contributor of vulnerability research by the SAP Product Security Response Team. No other research team comes close.

SAP KERNEL
Low

07/29/2019

SAP SDLREG Fixed Key for Encryption

Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:

Read More
Oracle E-Business Suite
High

07/18/2018

Multiple Oracle E-Business Suite Cross-Site Scripting (XSS)

Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:

Read More
Oracle E-Business Suite
High

07/18/2018

Multiple Oracle E-Business Suite Open Redirection

Please fill in the following form in order to download the selected Onapsis’ resource. The system will send you a download link to your email. By registering, you will obtain the following benefits:

Read More
Oracle E-Business Suite
Critical

06/14/2018

Oracle OpenJDK Denial Of Service

By exploiting this vulnerability, an unauthenticated attacker could render the platform in-operative.

Read More
SAP BusinessObjects
Medium

06/14/2018

SAP BusinessObjects Information Disclosure via CORBA

By exploiting this vulnerability an attacker could discover information relating to servers. This information could be used to allow the attacker to specialize their attacks. Please fill out the form to download the security advisory.

Read More
SAP BusinessObjects
Medium

06/14/2018

SAP BusinessObjects Remote Denial of Service via CORBA

By exploiting this vulnerability an attacker could shut down all SAP systems. Please fill out the form to download the security advisory.

Read More
SAP Netweaver
High

06/14/2018

SAP Code Injection

SAP Code Injection Impact on Business An authenticated attacker can cause a denial-of-service condition for other users, preventing them from accessing the system via the SAP GUI. Additionally, the attacker can modify or delete user-specific favorite nodes, leading to operational disruption and loss of convenience features for the affected business users. Vulnerability Details A specific…

Read More
SAP ERP
Medium

06/14/2018

SAP Header Injection

By exploiting this vulnerability, a remote unauthenticated attacker could get business information. Please fill out the form to download the security advisory.

Read More
SAP HANA
Medium

06/14/2018

SAP Information Disclosure

By exploiting this vulnerability, a remote unauthenticated attacker could get information about the system architecture. Please fill out the form to download the security advisory.

Read More
910111213

Page 11 of 30