Skip to main content

Gui For Windows

5 CVEs product

Monthly

CVE-2024-39600 MEDIUM This Month

Under certain conditions, the memory of SAP GUI for Windows contains the password used to log on to an SAP system, which might allow an attacker to get hold of the password and impersonate the. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure SAP Microsoft Gui For Windows
NVD
CVSS 3.1
4.2
EPSS
0.1%
CVE-2023-32113 CRITICAL Act Now

SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Information Disclosure Microsoft Gui For Windows
NVD
CVSS 3.1
9.3
EPSS
0.5%
CVE-2021-40503 HIGH This Week

An information disclosure vulnerability exists in SAP GUI for Windows - versions < 7.60 PL13, 7.70 PL4, which allows an attacker with sufficient privileges on the local client-side PC to obtain an. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft SAP Gui For Windows
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2021-27612 MEDIUM This Month

In specific situations SAP GUI for Windows until and including 7.60 PL9, 7.70 PL0, forwards a user to specific malicious website which could contain malware or might lead to phishing attacks to steal. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect SAP Microsoft Gui For Windows
NVD
CVSS 3.1
6.1
EPSS
0.6%
CVE-2017-6950 CRITICAL Act Now

SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions and execute arbitrary code via a crafted ABAP code, aka SAP Security Note 2407616. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE SAP Gui For Windows
NVD
CVSS 3.0
9.8
EPSS
0.6%
EPSS 0% CVSS 4.2
MEDIUM This Month

Under certain conditions, the memory of SAP GUI for Windows contains the password used to log on to an SAP system, which might allow an attacker to get hold of the password and impersonate the. Rated medium severity (CVSS 4.2), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure SAP Microsoft +1
NVD
EPSS 1% CVSS 9.3
CRITICAL Act Now

SAP GUI for Windows - version 7.70, 8.0, allows an unauthorized attacker to gain NTLM authentication information of a victim by tricking it into clicking a prepared shortcut file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SAP Information Disclosure Microsoft +1
NVD
EPSS 0% CVSS 7.8
HIGH This Week

An information disclosure vulnerability exists in SAP GUI for Windows - versions < 7.60 PL13, 7.70 PL4, which allows an attacker with sufficient privileges on the local client-side PC to obtain an. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Microsoft SAP +1
NVD
EPSS 1% CVSS 6.1
MEDIUM This Month

In specific situations SAP GUI for Windows until and including 7.60 PL9, 7.70 PL0, forwards a user to specific malicious website which could contain malware or might lead to phishing attacks to steal. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Open Redirect SAP Microsoft +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

SAP GUI 7.2 through 7.5 allows remote attackers to bypass intended security policy restrictions and execute arbitrary code via a crafted ABAP code, aka SAP Security Note 2407616. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE SAP Gui For Windows
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy