SAP_SE

283 tracked vulnerabilities.

CVE-2025-42982 HIGH
SAP GRC (AC Plugin) >=V1100_700 <V1100_700 and >=V1100_731 <V1100_731 - Missing Authorization
Jun 10, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-42977 HIGH
SAP NetWeaver Visual Composer - Path Traversal
Jun 10, 2025
CVSS 7.6
EPSS 0.01
CVE-2025-31325 MEDIUM
SAP NetWeaver (ABAP Keyword Documentation) < SAP_BASIS 758 - XSS via Unprotected Parameter
Jun 10, 2025
CVSS 5.8
EPSS 0.00
CVE-2025-43011 HIGH
SAP Landscape Transformation - Privilege Escalation
May 13, 2025
CVSS 7.7
EPSS 0.00
CVE-2025-43010 HIGH
SAP S/4HANA Cloud Private Edition or on Premise - Command Injection
May 13, 2025
CVSS 8.3
EPSS 0.00
CVE-2025-43009 MEDIUM
SAP Service Parts Management (SPM) - Missing Authorization
May 13, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-43008 MEDIUM
SAP S/4HANA HCM Portugal and SAP ERP HCM Portugal - Unauthenticated Information Disclosure via Missing Authorization
May 13, 2025
CVSS 5.8
EPSS 0.00
CVE-2025-43007 MEDIUM
SAP Service Parts Management (SPM) - Authenticated Privilege Escalation via Missing Authorization
May 13, 2025
CVSS 6.3
EPSS 0.00
CVE-2025-43006 MEDIUM
SAP Supplier Relationship Management - XSS
May 13, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-43005 MEDIUM
SAP GUI for Windows - Info Disclosure
May 13, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-43004 MEDIUM
Production Operator Dashboards - Info Disclosure
May 13, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-43003 MEDIUM
SAP S/4HANA - Privilege Escalation
May 13, 2025
CVSS 6.4
EPSS 0.00
CVE-2025-43002 MEDIUM
SAP S/4HANA OData Meta-Data Property - Authenticated Information Disclosure via Missing Authorization Check
May 13, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-43000 HIGH
Promotion Management Wizard - Info Disclosure
May 13, 2025
CVSS 7.9
EPSS 0.00
CVE-2025-42997 MEDIUM
SAP Gateway Client - Info Disclosure
May 13, 2025
CVSS 6.6
EPSS 0.00
CVE-2025-31329 MEDIUM
SAP NetWeaver Application Server ABAP and ABAP Platform - Information Disclosure via User Configuration Settings
May 13, 2025
CVSS 6.2
EPSS 0.00
CVE-2025-26662 MEDIUM
Data Services Management Console - XSS
May 13, 2025
CVSS 4.4
EPSS 0.00
CVE-2025-31328 MEDIUM
SAP S/4HANA Learning Solution - Cross-Site Request Forgery via GET-based OData Function
Apr 22, 2025
CVSS 4.6
EPSS 0.00
CVE-2025-31327 MEDIUM
SAP Field Logistics - Data Tampering
Apr 22, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-31333 MEDIUM
SAP S4CORE entity - Data Tampering via OData Meta-Data Property
Apr 08, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-31331 MEDIUM
SAP NetWeaver - Authenticated Incorrect Authorization via ABAP Transaction
Apr 08, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-31330 CRITICAL
SAP Landscape Transformation (Analysis Platform) - Authenticated ABAP Code Injection via RFC Function Module
Apr 08, 2025
CVSS 9.9
EPSS 0.00
CVE-2025-30017 MEDIUM
SAP Solution Manager 7.1 - Auth Bypass
Apr 08, 2025
CVSS 4.4
EPSS 0.00
CVE-2025-30016 CRITICAL
SAP Financial Consolidation - Auth Bypass
Apr 08, 2025
CVSS 9.8
EPSS 0.00
CVE-2025-30015 MEDIUM
SAP NetWeaver/ABAP Platform - Privilege Escalation
Apr 08, 2025
CVSS 4.1
EPSS 0.00