Vulnerabilities (CVE)

Filtered by vendor Sap Subscribe
Filtered by product Java As
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-4016 1 Sap 1 Java As 2024-02-04 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in SAP Manufacturing Integration and Intelligence (aka MII, formerly xMII) 15 allows remote attackers to inject arbitrary web script or HTML via the title parameter to webdynpro/resources/sap.com/xapps~xmii~ui~admin~navigation/NavigationApplication, aka SAP Security Note 2201295.
CVE-2016-3979 1 Sap 1 Java As 2024-02-04 5.0 MEDIUM 7.5 HIGH
Internet Communication Manager (aka ICMAN or ICM) in SAP JAVA AS 7.2 through 7.4 allows remote attackers to cause a denial of service (heap memory corruption and process crash) via a crafted HTTP request, related to the IctParseCookies function, aka SAP Security Note 2256185.