SAP_SE

283 tracked vulnerabilities.

CVE-2025-42909 LOW
SAP Cloud Appliance Library Appliances - Sensitive Cookie Without 'HttpOnly' Flag
Oct 14, 2025
CVSS 3.0
EPSS 0.00
CVE-2025-42908 MEDIUM
SAP NetWeaver Application Server for ABAP - CSRF
Oct 14, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-42906 MEDIUM
SAP Commerce Cloud - Path Traversal
Oct 14, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-42903 MEDIUM
SAP Financial Service Claims Management - Info Disclosure
Oct 14, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-42902 MEDIUM
SAP NetWeaver AS ABAP/ABAP Platform - Memory Corruption
Oct 14, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-42901 MEDIUM
SAP Application Server for ABAP (BAPI Browser) - Authenticated Stored Cross-Site Scripting
Oct 14, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-42907 MEDIUM
SAP BI Platform - Server-Side Request Forgery via LogonToken IP Address Modification
Sep 23, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-42958 CRITICAL
SAP NetWeaver - Unauthenticated Privilege Escalation via Missing Authentication Check
Sep 09, 2025
CVSS 9.1
EPSS 0.00
CVE-2025-42944 CRITICAL
SAP NetWeaver - Unauthenticated Remote Code Execution via RMI-P4 Deserialization
Sep 09, 2025
CVSS 10.0
EPSS 0.00
CVE-2025-42938 MEDIUM
SAP NetWeaver ABAP Platform - Unauthenticated Stored Cross-Site Scripting via Malicious Link
Sep 09, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-42933 HIGH
SAP Business One (SLD) - Insufficiently Protected Credentials via Unencrypted API Responses
Sep 09, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-42930 MEDIUM
SAP Business Planning and Consolidation - DoS
Sep 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-42929 HIGH
SAP Landscape Transformation Replication Server - Authenticated Arbitrary Database Table Deletion via ABAP Reports
Sep 09, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-42927 LOW
SAP NetWeaver AS Java - Privilege Escalation
Sep 09, 2025
CVSS 3.4
EPSS 0.00
CVE-2025-42925 MEDIUM
SAP NetWeaver AS JAVA IIOP - Info Disclosure
Sep 09, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-42923 MEDIUM
SAP Fiori App Manage Work Center Groups - CSRF
Sep 09, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-42922 CRITICAL
SAP NetWeaver AS Java - Privilege Escalation
Sep 09, 2025
CVSS 9.9
EPSS 0.00
CVE-2025-42917 MEDIUM
SAP HCM Approve Timesheets Fiori 2.0 - Privilege Escalation
Sep 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-42916 HIGH
SAP S/4HANA (Private Cloud or On-Premise) - Arbitrary Database Table Content Deletion via ABAP Reports
Sep 09, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-42915 MEDIUM
SAP Fiori app Manage Payment Blocks - Missing Authorization
Sep 09, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-42914 LOW
SAP HCM My Timesheet Fiori 2.0 - Privilege Escalation
Sep 09, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-42913 LOW
SAP HCM My Timesheet Fiori 2.0 - Privilege Escalation
Sep 09, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-42912 MEDIUM
SAP HCM My Timesheet Fiori 2.0 - Privilege Escalation
Sep 09, 2025
CVSS 6.5
EPSS 0.00
CVE-2025-42976 HIGH
SAP NetWeaver Application Server ABAP - Memory Corruption
Aug 12, 2025
CVSS 8.1
EPSS 0.00
CVE-2025-42975 MEDIUM
SAP NetWeaver Application Server ABAP - XSS
Aug 12, 2025
CVSS 6.1
EPSS 0.00
Products
SAP NetWeaver Application Server for ABAP and ABAP Platform 10 SAP NetWeaver Application Server ABAP 9 SAP Fiori App (Intercompany Balance Reconciliation) 6 SAP GUI for Windows 6 SAP NetWeaver Application Server Java 6 SAP NetWeaver Application Server for ABAP 6 SAP BusinessObjects Business Intelligence Platform 5 SAP Financial Consolidation 4 SAP NetWeaver Application Server ABAP and ABAP Platform 4 SAP NetWeaver Enterprise Portal 4 SAPCAR 4 SAP Business One (SLD) 3 SAP Commerce Cloud 3 SAP HCM (My Timesheet Fiori 2.0 application) 3 SAP MDM Server 3 SAP NetWeaver AS for JAVA (Adobe Document Services) 3 SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) 3 SAP NetWeaver and ABAP Platform (SDCCN) 3 SAP Solution Manager 3 SAP Business Connector 2 SAP Business Warehouse and SAP Plug-In Basis 2 SAP Commerce 2 SAP Enable Now 2 SAP Landscape Transformation 2 SAP Landscape Transformation (Analysis Platform) 2 SAP NetWeaver 2 SAP NetWeaver ABAP Platform 2 SAP NetWeaver Application Server ABAP (BIC Document) 2 SAP S/4 HANA (Cash Management) 2 SAP S/4 HANA (Manage Bank Statement Reprocessing Rules) 2
Quick Filters
Critical CVEs With Exploits In CISA KEV