sap
1,577 tracked vulnerabilities.
CVE-2023-35874
MEDIUM
SAP NetWeaver Application Server ABAP and ABAP Platform - Missing Authentication for Critical Function
Jul 11, 2023
CVSS 6.0
EPSS 0.00
CVE-2023-35873
MEDIUM
SAP NetWeaver Process Integration SAP_XITOOL 7.50 - Unauthenticated Missing Authentication for Critical Function
Jul 11, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-35872
MEDIUM
SAP NetWeaver Process Integration SAP_XIAF 7.50 - Unauthenticated Missing Authentication for Critical Function
Jul 11, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-35871
HIGH
SAP Web Dispatcher - Out-of-bounds Write
Jul 11, 2023
CVSS 7.7
EPSS 0.01
CVE-2023-35870
MEDIUM
SAP S/4HANA S4CORE 104-107 - Incorrect Permission Assignment in Journal Entry Template
Jul 11, 2023
CVSS 6.3
EPSS 0.00
CVE-2023-33992
MEDIUM
SAP Business Warehouse and SAP BW/4HANA - Missing Authorization in BICS Communication Layer
Jul 11, 2023
CVSS 4.5
EPSS 0.00
CVE-2023-33990
HIGH
SAP SQL Anywhere 17.0 - Denial of Service via Shared Memory Object Manipulation
Jul 11, 2023
CVSS 7.8
EPSS 0.00
CVE-2023-33989
HIGH
SAP NetWeaver (BI CONT ADD ON) <757 - Path Traversal
Jul 11, 2023
CVSS 8.7
EPSS 0.01
CVE-2023-33988
MEDIUM
SAP Enable Now - Unauthenticated Reflected Cross-Site Scripting
Jul 11, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-33987
HIGH
SAP Web Dispatcher <7.90 - Unauthenticated RCE
Jul 11, 2023
CVSS 8.6
EPSS 0.01
CVE-2023-31405
MEDIUM
SAP NetWeaver AS for Java - Info Disclosure
Jul 11, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-33991
HIGH
SAP UI5 Variant Management - Stored XSS
Jun 13, 2023
CVSS 8.2
EPSS 0.00
CVE-2023-33986
MEDIUM
SAP CRM ABAP 700-714 - Cross-Site Scripting in Grantor Management
Jun 13, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-33985
MEDIUM
SAP NetWeaver Enterprise Portal 7.50 - XSS
Jun 13, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-33984
MEDIUM
SAP NetWeaver 7.50 - Cross-Site Scripting via Design Time Repository File Upload
Jun 13, 2023
CVSS 6.4
EPSS 0.00
CVE-2023-32115
MEDIUM
SAP Master Data Synchronization - SQL Injection via MDS COMPARE TOOL
Jun 13, 2023
CVSS 4.2
EPSS 0.00
CVE-2023-32114
LOW
SAP NetWeaver 702-757 - Authenticated Denial of Service via Benchmark Program Abuse
Jun 13, 2023
CVSS 2.7
EPSS 0.01
CVE-2023-2827
HIGH
SAP Digital Manufacturing JWT Signature Validation Bypass
Jun 13, 2023
CVSS 7.9
EPSS 0.00
CVE-2023-32113
HIGH
SAP GUI for Windows < 7.70 - Unauthenticated Exposure of NTLM Authentication Information via Shortcut File
May 09, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-32112
LOW
SAP S4CORE and Vendor Master Hierarchy - Authenticated Missing Authorization
May 09, 2023
CVSS 2.8
EPSS 0.00
CVE-2023-32111
HIGH
SAP PowerDesigner Proxy 16.7 - Denial of Service via Memory Corruption
May 09, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-31407
MEDIUM
SAP Business Planning and Consolidation <750 - XSS
May 09, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-31406
MEDIUM
SAP BusinessObjects <430 - Open Redirect
May 09, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-31404
MEDIUM
SAP BusinessObjects <430 - Info Disclosure
May 09, 2023
CVSS 5.0
EPSS 0.00
CVE-2023-30744
HIGH
SAP NetWeaver Application Server for Java - Unauthenticated Remote Method Invocation via Open Naming and Directory API
May 09, 2023
CVSS 8.2
EPSS 0.01
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 86
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 69
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11
Quick Filters