VYPR

Content Server

by SAP

CVEs (5)

  • CVE-2025-42877HigDec 9, 2025
    risk 0.49cvss 7.5epss 0.00

    SAP Web Dispatcher, Internet Communication Manager (ICM), and SAP Content Server allow an unauthenticated user to exploit logical errors that lead to a memory corruption vulnerability. This results in high impact on the availability with no impact on confidentiality or integrity…

  • CVE-2024-33005MedAug 13, 2024
    risk 0.41cvss 6.3epss 0.00

    Due to the missing authorization checks in the local systems, the admin users of SAP Web Dispatcher, SAP NetWeaver Application Server (ABAP and Java), and SAP Content Server can impersonate other users and may perform some unintended actions. This could lead to a low impact on…

  • CVE-2023-26457MedMar 14, 2023
    risk 0.40cvss 6.1epss 0.00

    SAP Content Server - version 7.53, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. After successful exploitation, an attacker can read and modify some sensitive information but cannot delete the data.

  • CVE-2026-27824Feb 27, 2026
    risk 0.00cvss epss 0.00

    calibre is a cross-platform e-book manager for viewing, converting, editing, and cataloging e-books. Prior to version 9.4.0, the calibre Content Server's brute-force protection mechanism uses a ban key derived from both `remote_addr` and the `X-Forwarded-For` header. Since the…

  • CVE-2015-4157Jun 2, 2015
    risk 0.00cvss epss 0.01

    SAP Content Server allows remote attackers to cause a denial of service (service termination) via unspecified vectors, aka SAP Security Note 2127995.