SAP_SE

283 tracked vulnerabilities.

CVE-2025-30014 HIGH
SAP Capital Yield Tax Management - Path Traversal
Apr 08, 2025
CVSS 7.7
EPSS 0.00
CVE-2025-30013 MEDIUM
SAP ERP BW Business Content - Command Injection
Apr 08, 2025
CVSS 6.7
EPSS 0.00
CVE-2025-27437 MEDIUM
SAP NetWeaver Application Server ABAP - Info Disclosure
Apr 08, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-27435 MEDIUM
SAP Commerce Cloud HY_COM 2205 and COM_CLOUD 2211 - Unauthenticated Coupon Code Exposure via URL Parameters
Apr 08, 2025
CVSS 4.2
EPSS 0.00
CVE-2025-27429 CRITICAL
SAP S/4HANA (Private Cloud) - Authenticated ABAP Code Injection via RFC Function Module
Apr 08, 2025
CVSS 9.9
EPSS 0.00
CVE-2025-27428 HIGH
SAP Solution Manager - Path Traversal
Apr 08, 2025
CVSS 7.7
EPSS 0.00
CVE-2025-26657 MEDIUM
SAP KMC WPC >=7.50 - Unauthenticated Username Disclosure via Parameter Query
Apr 08, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-26654 MEDIUM
SAP Commerce Cloud - Info Disclosure
Apr 08, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-26653 MEDIUM
SAP NetWeaver Application Server ABAP - XSS
Apr 08, 2025
CVSS 4.7
EPSS 0.00
CVE-2025-23186 HIGH
SAP NetWeaver Application Server ABAP - RCE
Apr 08, 2025
CVSS 8.5
EPSS 0.00
CVE-2025-27436 MEDIUM
SAP S/4HANA Manage Bank Statements - Authenticated Authorization Bypass
Mar 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-27434 HIGH
SAP Commerce (Swagger UI) COM_CLOUD 2211 - Unauthenticated Cross-Site Scripting
Mar 11, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-27433 MEDIUM
SAP S/4HANA Manage Bank Statements - Authenticated Authorization Bypass via File Upload
Mar 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-27432 LOW
SAP Electronic Invoicing for Brazil - Privilege Escalation
Mar 11, 2025
CVSS 2.4
EPSS 0.00
CVE-2025-27431 MEDIUM
SAP NetWeaver Application Server Java - XSS
Mar 11, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-27430 LOW
SAP CRM and S/4HANA Interaction Center - Server-Side Request Forgery
Mar 11, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-26661 HIGH
SAP NetWeaver - Privilege Escalation
Mar 11, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-26660 MEDIUM
SAP Fiori apps (Posting Library) - Authorization Bypass via Inadequate Security Configuration
Mar 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-26659 MEDIUM
SAP NetWeaver Application Server ABAP - XSS
Mar 11, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-26658 MEDIUM
SAP Business One - Privilege Escalation
Mar 11, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-26656 MEDIUM
SAP S/4HANA Manage Purchasing Info Records - Authenticated Privilege Escalation via OData Service
Mar 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-26655 LOW
SAP Just In Time - Authenticated Privilege Escalation via Missing Authorization
Mar 11, 2025
CVSS 3.1
EPSS 0.00
CVE-2025-25244 MEDIUM
SAP Business Warehouse - Privilege Escalation
Mar 11, 2025
CVSS 5.7
EPSS 0.00
CVE-2025-25242 MEDIUM
SAP NetWeaver Application Server ABAP - XSS
Mar 11, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-23194 MEDIUM
SAP NetWeaver Enterprise Portal OBN - Info Disclosure
Mar 11, 2025
CVSS 5.3
EPSS 0.00
Products
SAP NetWeaver Application Server for ABAP and ABAP Platform 10 SAP NetWeaver Application Server ABAP 9 SAP Fiori App (Intercompany Balance Reconciliation) 6 SAP GUI for Windows 6 SAP NetWeaver Application Server Java 6 SAP NetWeaver Application Server for ABAP 6 SAP BusinessObjects Business Intelligence Platform 5 SAP Financial Consolidation 4 SAP NetWeaver Application Server ABAP and ABAP Platform 4 SAP NetWeaver Enterprise Portal 4 SAPCAR 4 SAP Business One (SLD) 3 SAP Commerce Cloud 3 SAP HCM (My Timesheet Fiori 2.0 application) 3 SAP MDM Server 3 SAP NetWeaver AS for JAVA (Adobe Document Services) 3 SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) 3 SAP NetWeaver and ABAP Platform (SDCCN) 3 SAP Solution Manager 3 SAP Business Connector 2 SAP Business Warehouse and SAP Plug-In Basis 2 SAP Commerce 2 SAP Enable Now 2 SAP Landscape Transformation 2 SAP Landscape Transformation (Analysis Platform) 2 SAP NetWeaver 2 SAP NetWeaver ABAP Platform 2 SAP NetWeaver Application Server ABAP (BIC Document) 2 SAP S/4 HANA (Cash Management) 2 SAP S/4 HANA (Manage Bank Statement Reprocessing Rules) 2
Quick Filters
Critical CVEs With Exploits In CISA KEV