SAP^® and Oracle^® Security Advisories

Onapsis Research Labs is the world’s leading team of security experts who combine their deep knowledge of critical ERP applications and decades of threat research experience to deliver impactful security insights and threat intelligence focused on the business-critical applications from SAP, Oracle, and SaaS providers. Onapsis Research Labs is, far and away, the most prolific and most celebrated contributor of vulnerability research by the SAP Product Security Response Team. No other research team comes close.

Oracle E-Business Suite

Critical

06/13/2018

Oracle E-Business Suite SQL Injection in DataManagerServer

By exploiting this vulnerability, an unauthenticated attacker could execute arbitrary SQL statements. Please fill out the form to download the security advisory.

Oracle E-Business Suite

High

02/09/2018

Oracle E-Business Suite Multiple XSS

By exploiting this vulnerability, a remote attacker could steal sensitive business information by targeting other users connected to the system. Please fill out the form to download the security advisory.

Oracle E-Business Suite

Critical

02/09/2018

Oracle E-Business Suite SQL Injections

By exploiting this vulnerability, unauthenticated attacker could execute arbitrary SQL statements. Please fill out the form to download the security advisory.

SAP Netweaver

Medium

02/09/2018

SAP Information Disclosure

By exploiting this vulnerability, a remote unauthenticated attacker could get information about the system architecture. Please fill out the form to download the security advisory.

SAP Netweaver

Medium

02/09/2018

SAP Java CSV Injection

By exploiting this vulnerability, an unauthenticated attacker could inject malicious code in the back-office application to get or modify information systems. Please fill out the form to download the security advisory.

SAP Mobile

Medium

02/09/2018

SAP Mobile Client Database Credentials Stored in Plain Text

By exploiting this vulnerability, an unauthenticated attacker may obtain clear-text passwords of SAP Mobile users and get critical information. Please fill out the form to download the security advisory.

SAP Mobile

Medium

02/09/2018

SAP Mobile Defense and Security Hardcoded Key

By exploiting this vulnerability, a remote attacker may obtain clear-text passwords of SAP Mobile Defense and Security users and get critical information. Please fill out the form to download the security advisory.

SAP Mobile

Medium

02/09/2018

SAP Mobile Defense and Security Weak Encryption

Oracle E-Business Suite

Medium

02/09/2018

Oracle E-Business Suite Information Disclosure

By exploiting this vulnerability, a remote unauthenticated attacker could get access to sensitive information. Please fill out the form to download the security advisory.

«‹…11 121314 15…›»

Page 13 of 30

Safeguarding Tomorrow: Empowering SAP Customers with Advanced Cyber Risk Management

Securing Your Future: Preparing for a Successful SAP RISE Transformation

Executive Threat Overview: Reported SAP Cyber Attack Severely Impacts Business Operations, Compromises Data at Global Manufacturer

Critical SAP Zero-Day Vulnerability Under Active Exploitation (CVE-2025-31324)

10 Reasons Why More Companies Choose Onapsis

SAP^® and Oracle^® Security Advisories

Oracle E-Business Suite SQL Injection in DataManagerServer

Oracle E-Business Suite Multiple XSS

Oracle E-Business Suite SQL Injections

SAP Information Disclosure

SAP Java CSV Injection

SAP Mobile Client Database Credentials Stored in Plain Text

SAP Mobile Defense and Security Hardcoded Key

SAP Mobile Defense and Security Weak Encryption

Oracle E-Business Suite Information Disclosure

SAP® and Oracle® Security Advisories

SAP^® and Oracle^® Security Advisories