Skip to main content

Base Sas

2 CVEs product

Monthly

CVE-2019-14678 CRITICAL POC Act Now

SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attackers in multiple ways. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE Denial Of Service SSRF Xml Mapper Base Sas
NVD GitHub
CVSS 3.1
10.0
EPSS
3.0%
CVE-2014-2262 CRITICAL Act Now

Buffer overflow in the client application in Base SAS 9.2 TS2M3, SAS 9.3 TS1M1 and TS1M2, and SAS 9.4 TS1M0 allows user-assisted remote attackers to execute arbitrary code via a crafted SAS program. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE Base Sas
NVD
CVSS 2.0
9.3
EPSS
8.3%
EPSS 3% CVSS 10.0
CRITICAL POC Act Now

SAS XML Mapper 9.45 has an XML External Entity (XXE) vulnerability that can be leveraged by malicious attackers in multiple ways. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

XXE Denial Of Service SSRF +2
NVD GitHub
EPSS 8% CVSS 9.3
CRITICAL Act Now

Buffer overflow in the client application in Base SAS 9.2 TS2M3, SAS 9.3 TS1M1 and TS1M2, and SAS 9.4 TS1M0 allows user-assisted remote attackers to execute arbitrary code via a crafted SAS program. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow RCE Base Sas
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy