SAP_SE
312 tracked vulnerabilities.
CVE-2025-31330
CRITICAL
SAP Landscape Transformation (Analysis Platform) - Authenticated ABAP Code Injection via RFC Function Module
Apr 08, 2025
CVSS 9.9
EPSS 0.01
CVE-2025-30017
MEDIUM
SAP Solution Manager 7.1 - Auth Bypass
Apr 08, 2025
CVSS 4.4
EPSS 0.00
CVE-2025-30016
CRITICAL
SAP Financial Consolidation - Auth Bypass
Apr 08, 2025
CVSS 9.8
EPSS 0.01
CVE-2025-30015
MEDIUM
SAP NetWeaver/ABAP Platform - Privilege Escalation
Apr 08, 2025
CVSS 4.1
EPSS 0.00
CVE-2025-30014
HIGH
SAP Capital Yield Tax Management - Path Traversal
Apr 08, 2025
CVSS 7.7
EPSS 0.01
CVE-2025-30013
MEDIUM
SAP ERP BW Business Content - Command Injection
Apr 08, 2025
CVSS 6.7
EPSS 0.01
CVE-2025-27437
MEDIUM
SAP NetWeaver Application Server ABAP - Info Disclosure
Apr 08, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-27435
MEDIUM
SAP Commerce Cloud HY_COM 2205 and COM_CLOUD 2211 - Unauthenticated Coupon Code Exposure via URL Parameters
Apr 08, 2025
CVSS 4.2
EPSS 0.00
CVE-2025-27429
CRITICAL
SAP S/4HANA (Private Cloud) - Authenticated ABAP Code Injection via RFC Function Module
Apr 08, 2025
CVSS 9.9
EPSS 0.01
CVE-2025-27428
HIGH
SAP Solution Manager - Path Traversal
Apr 08, 2025
CVSS 7.7
EPSS 0.01
CVE-2025-26657
MEDIUM
SAP KMC WPC >=7.50 - Unauthenticated Username Disclosure via Parameter Query
Apr 08, 2025
CVSS 5.3
EPSS 0.00
CVE-2025-26654
MEDIUM
SAP Commerce Cloud - Info Disclosure
Apr 08, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-26653
MEDIUM
SAP NetWeaver Application Server ABAP - XSS
Apr 08, 2025
CVSS 4.7
EPSS 0.00
CVE-2025-23186
HIGH
SAP NetWeaver Application Server ABAP - RCE
Apr 08, 2025
CVSS 8.5
EPSS 0.00
CVE-2025-27436
MEDIUM
SAP S/4HANA Manage Bank Statements - Authenticated Authorization Bypass
Mar 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-27434
HIGH
SAP Commerce (Swagger UI) COM_CLOUD 2211 - Unauthenticated Cross-Site Scripting
Mar 11, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-27433
MEDIUM
SAP S/4HANA Manage Bank Statements - Authenticated Authorization Bypass via File Upload
Mar 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-27432
LOW
SAP Electronic Invoicing for Brazil - Privilege Escalation
Mar 11, 2025
CVSS 2.4
EPSS 0.00
CVE-2025-27431
MEDIUM
SAP NetWeaver Application Server Java - XSS
Mar 11, 2025
CVSS 5.4
EPSS 0.00
CVE-2025-27430
LOW
SAP CRM and S/4HANA Interaction Center - Server-Side Request Forgery
Mar 11, 2025
CVSS 3.5
EPSS 0.00
CVE-2025-26661
HIGH
SAP NetWeaver - Privilege Escalation
Mar 11, 2025
CVSS 8.8
EPSS 0.00
CVE-2025-26660
MEDIUM
SAP Fiori apps (Posting Library) - Authorization Bypass via Inadequate Security Configuration
Mar 11, 2025
CVSS 4.3
EPSS 0.00
CVE-2025-26659
MEDIUM
SAP NetWeaver Application Server ABAP - XSS
Mar 11, 2025
CVSS 6.1
EPSS 0.00
CVE-2025-26658
MEDIUM
SAP Business One - Privilege Escalation
Mar 11, 2025
CVSS 6.8
EPSS 0.00
CVE-2025-26656
MEDIUM
SAP S/4HANA Manage Purchasing Info Records - Authenticated Privilege Escalation via OData Service
Mar 11, 2025
CVSS 4.3
EPSS 0.00
Products
SAP NetWeaver Application Server ABAP 10
SAP NetWeaver Application Server for ABAP and ABAP Platform 10
SAP Fiori App (Intercompany Balance Reconciliation) 6
SAP GUI for Windows 6
SAP NetWeaver Application Server Java 6
SAP NetWeaver Application Server for ABAP 6
SAP BusinessObjects Business Intelligence Platform 5
SAP NetWeaver AS ABAP and ABAP Platform 5
SAP NetWeaver Enterprise Portal 5
SAP Commerce Cloud 4
SAP Financial Consolidation 4
SAP NetWeaver Application Server ABAP and ABAP Platform 4
SAPCAR 4
SAP Business One (SLD) 3
SAP HCM (My Timesheet Fiori 2.0 application) 3
SAP MDM Server 3
SAP NetWeaver AS for JAVA (Adobe Document Services) 3
SAP NetWeaver Application Server ABAP (applications based on SAP GUI for HTML) 3
SAP NetWeaver and ABAP Platform (SDCCN) 3
SAP Solution Manager 3
SAP Approuter 2
SAP Business Connector 2
SAP Business Objects Business Intelligence Platform 2
SAP Business Warehouse and SAP Plug-In Basis 2
SAP Commerce 2
SAP Enable Now 2
SAP Landscape Transformation 2
SAP Landscape Transformation (Analysis Platform) 2
SAP NetWeaver 2
SAP NetWeaver ABAP Platform 2
Quick Filters