SAP_SE
312 tracked vulnerabilities.
CVE-2025-26655
LOW
SAP Just In Time - Authenticated Privilege Escalation via Missing Authorization
Mar 11, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-25244
MEDIUM
SAP Business Warehouse - Privilege Escalation
Mar 11, 2025
CVSS 5.7
EPSS 0.00
CVE-2025-25242
MEDIUM
SAP NetWeaver Application Server ABAP - XSS
Mar 11, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-23194
MEDIUM
SAP NetWeaver Enterprise Portal OBN - Info Disclosure
Mar 11, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-23188
MEDIUM
SAP S/4HANA (RBD) - Authenticated Missing Authorization Check in IBS Module
Mar 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-23185
MEDIUM
SAP Business Objects - Info Disclosure
Mar 11, 2025
CVSS 4.1
EPSS 0.00
CVE-2025-0071
MEDIUM
SAP Web Dispatcher & Internet Communication Manager - Info Disclosure
Mar 11, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-0062
MEDIUM
SAP BusinessObjects Business Intelligence Platform - Stored Cross-Site Scripting in Web Intelligence Reports
Mar 11, 2025
CVSS 4.7
EPSS 0.00
CVE-2025-25243
HIGH
SAP SRM MDM Catalog 7.52 - Unauthenticated Path Traversal via Public Servlet
Feb 11, 2025
CVSS 8.6
EPSS 0.01
CVE-2025-25241
MEDIUM
SAP Fiori Apps Reference Library (My Overtime Requests) >=GBX01HR5 605 - Missing Authorization
Feb 11, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-24876
HIGH
SAP Approuter Node.js <v16.7.1 - Auth Bypass
Feb 11, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-24875
MEDIUM
SAP Commerce HY_COM 2205 and COM_CLOUD 2211 - Cross-Site Request Forgery via SameSite=None Cookie Configuration
Feb 11, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-24874
MEDIUM
SAP Commerce (Backoffice) - Info Disclosure
Feb 11, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-24872
MEDIUM
SAP ABAP Platform - Privilege Escalation
Feb 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-24870
MEDIUM
SAP GUI for Windows & RFC - Privilege Escalation
Feb 11, 2025
CVSS 6.0
EPSS 0.00
CVE-2025-24869
MEDIUM
SAP NetWeaver Application Server Java - Info Disclosure
Feb 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-24868
HIGH
SAP HANA XS Advanced (User Auth) - Unauthenticated Open Redirect via URL Validation
Feb 11, 2025
CVSS 7.1
EPSS 0.00
CVE-2025-24867
MEDIUM
SAP BusinessObjects Platform (BI Launchpad) - Unauthenticated Cross-Site Scripting via Unprotected URL Parameter
Feb 11, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-23191
LOW
SAP Fiori for SAP ERP - HTTP Header Injection via Host Header
Feb 11, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-23190
MEDIUM
SAP NetWeaver and ABAP Platform ST-PI - Missing Authorization Check
Feb 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-23189
MEDIUM
SAP NetWeaver and ABAP Platform (SDCCN) - Authenticated Missing Authorization in SDCCN Transaction
Feb 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-23187
MEDIUM
SAP NetWeaver/ABAP Platform < ST-PI 2008_1_700/710/740 - Unauthenticated Missing Authorization in SDCCN
Feb 11, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-0054
MEDIUM
SAP NetWeaver Application Server Java - XSS
Feb 11, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-0070
CRITICAL
SAP NetWeaver Application Server for ABAP and ABAP Platform - Privi...
Jan 14, 2025
CVSS 9.9
EPSS 0.01
CVE-2025-0069
HIGH
SAPSetup - Uncontrolled Search Path Element
Jan 14, 2025
CVSS 7.8
EPSS 0.00
Products
SAP NetWeaver Application Server ABAP 10
SAP NetWeaver Application Server for ABAP and ABAP Platform 10
SAP Fiori App (Intercompany Balance Reconciliation) 6
SAP GUI for Windows 6
SAP NetWeaver Application Server Java 6
SAP NetWeaver Application Server for ABAP 6
SAP BusinessObjects Business Intelligence Platform 5
SAP NetWeaver AS ABAP and ABAP Platform 5
SAP NetWeaver Enterprise Portal 5
SAP Commerce Cloud 4
SAP Financial Consolidation 4
SAP NetWeaver Application Server ABAP and ABAP Platform 4
SAPCAR 4
SAP Business One (SLD) 3
SAP HCM (My Timesheet Fiori 2.0 application) 3
SAP MDM Server 3
SAP NetWeaver AS for JAVA (Adobe Document Services) 3
SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) 3
SAP NetWeaver and ABAP Platform (SDCCN) 3
SAP Solution Manager 3
SAP Approuter 2
SAP Business Connector 2
SAP Business Objects Business Intelligence Platform 2
SAP Business Warehouse and SAP Plug-In Basis 2
SAP Commerce 2
SAP Enable Now 2
SAP Landscape Transformation 2
SAP Landscape Transformation (Analysis Platform) 2
SAP NetWeaver 2
SAP NetWeaver ABAP Platform 2
Quick Filters