SAP_SE

283 tracked vulnerabilities.

CVE-2025-42957 CRITICAL
SAP S/4HANA - Authenticated ABAP Code Injection via RFC Function Module
Aug 12, 2025
CVSS 9.9
EPSS 0.00
CVE-2025-42955 LOW
SAP Cloud Connector - Missing Authorization Check in LDAP Connection Test Endpoint
Aug 12, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-42951 HIGH
SAP Business One - Privilege Escalation
Aug 12, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-42950 CRITICAL
SAP Landscape Transformation (Analysis Platform) - Authenticated ABAP Code Injection via RFC Function Module
Aug 12, 2025
CVSS 9.9
EPSS 0.00
CVE-2025-42949 MEDIUM
SAP ABAP Platform - Authenticated Missing Authorization Check in SQL Console
Aug 12, 2025
CVSS 4.9
EPSS 0.00
CVE-2025-42948 MEDIUM
SAP NetWeaver ABAP Platform - Unauthenticated Stored Cross-Site Scripting via Malicious Link
Aug 12, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-42946 MEDIUM
SAP S/4HANA (Bank Communication Management) - Path Traversal
Aug 12, 2025
CVSS 6.9
EPSS 0.00
CVE-2025-42945 MEDIUM
SAP NetWeaver Application Server ABAP - XSS
Aug 12, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-42943 MEDIUM
SAP GUI for Windows - Info Disclosure
Aug 12, 2025
CVSS 4.5
EPSS 0.00
CVE-2025-42942 MEDIUM
SAP NetWeaver Application Server for ABAP - XSS
Aug 12, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-42941 LOW
SAP Fiori Launchpad - Reverse Tabnabbing
Aug 12, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-42935 MEDIUM
SAP NetWeaver Application Server ABAP - Info Disclosure
Aug 12, 2025
CVSS 4.1
EPSS 0.00
CVE-2025-42934 MEDIUM
SAP S/4HANA Supplier invoice - Authenticated CRLF Injection via Trusted Sites Configuration
Aug 12, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-42947 MEDIUM
SAP FICA ODN framework - Authenticated Code Injection via Local Variable Manipulation
Jul 23, 2025
CVSS 5.5
EPSS 0.00
CVE-2025-43001 MEDIUM
SAPCAR >= 7.53 < 7.53, >= 7.22EXT < 7.22EXT - Privilege Escalation via Archive Extraction
Jul 08, 2025
CVSS 6.9
EPSS 0.00
CVE-2025-42992 MEDIUM
SAPCAR 7.22EXT-7.53 - Privilege Escalation via Malicious SAR Archive
Jul 08, 2025
CVSS 6.9
EPSS 0.00
CVE-2025-42985 MEDIUM
SAP BusinessObjects Content Administrator Workbench - Open Redirect via Crafted URL
Jul 08, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-42981 MEDIUM
SAP NetWeaver Application Server ABAP - Open Redirect
Jul 08, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-42980 CRITICAL
SAP NetWeaver Enterprise Portal Federated Portal Network - Deserial...
Jul 08, 2025
CVSS 9.1
EPSS 0.01
CVE-2025-42979 MEDIUM
SAP GUI for Windows - Insecure Storage of Sensitive Information in GuiXT Credential Registry
Jul 08, 2025
CVSS 5.6
EPSS 0.00
CVE-2025-42978 LOW
SAP NetWeaver Application Server Java - Info Disclosure
Jul 08, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-42974 MEDIUM
SAP NetWeaver and ABAP Platform - Missing Authorization Check
Jul 08, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-42973 MEDIUM
SAP Data Services Management Console - XSS
Jul 08, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-42971 MEDIUM
SAPCAR 7.22EXT-7.53 - Memory Corruption via Malicious Archive Extraction
Jul 08, 2025
CVSS 4.0
EPSS 0.00
CVE-2025-42970 MEDIUM
SAPCAR >=7.53 <SAP_CAR 7.53 and >=7.22EXT <7.22EXT - Path Traversal via Malicious Archive Extraction
Jul 08, 2025
CVSS 5.8
EPSS 0.00
Products
SAP NetWeaver Application Server for ABAP and ABAP Platform 10 SAP NetWeaver Application Server ABAP 9 SAP Fiori App (Intercompany Balance Reconciliation) 6 SAP GUI for Windows 6 SAP NetWeaver Application Server Java 6 SAP NetWeaver Application Server for ABAP 6 SAP BusinessObjects Business Intelligence Platform 5 SAP Financial Consolidation 4 SAP NetWeaver Application Server ABAP and ABAP Platform 4 SAP NetWeaver Enterprise Portal 4 SAPCAR 4 SAP Business One (SLD) 3 SAP Commerce Cloud 3 SAP HCM (My Timesheet Fiori 2.0 application) 3 SAP MDM Server 3 SAP NetWeaver AS for JAVA (Adobe Document Services) 3 SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) 3 SAP NetWeaver and ABAP Platform (SDCCN) 3 SAP Solution Manager 3 SAP Business Connector 2 SAP Business Warehouse and SAP Plug-In Basis 2 SAP Commerce 2 SAP Enable Now 2 SAP Landscape Transformation 2 SAP Landscape Transformation (Analysis Platform) 2 SAP NetWeaver 2 SAP NetWeaver ABAP Platform 2 SAP NetWeaver Application Server ABAP (BIC Document) 2 SAP S/4 HANA (Cash Management) 2 SAP S/4 HANA (Manage Bank Statement Reprocessing Rules) 2
Quick Filters
Critical CVEs With Exploits In CISA KEV