sap

1,568 tracked vulnerabilities.

CVE-2023-33987 HIGH
SAP Web Dispatcher <7.90 - Unauthenticated RCE
Jul 11, 2023
CVSS 8.6
EPSS 0.00
CVE-2023-31405 MEDIUM
SAP NetWeaver AS for Java - Info Disclosure
Jul 11, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-33991 HIGH
SAP UI5 Variant Management - Stored XSS
Jun 13, 2023
CVSS 8.2
EPSS 0.00
CVE-2023-33986 MEDIUM
SAP CRM ABAP 700-714 - Cross-Site Scripting in Grantor Management
Jun 13, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-33985 MEDIUM
SAP NetWeaver Enterprise Portal 7.50 - XSS
Jun 13, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-33984 MEDIUM
SAP NetWeaver 7.50 - Cross-Site Scripting via Design Time Repository File Upload
Jun 13, 2023
CVSS 6.4
EPSS 0.01
CVE-2023-32115 MEDIUM
SAP Master Data Synchronization - SQL Injection via MDS COMPARE TOOL
Jun 13, 2023
CVSS 4.2
EPSS 0.00
CVE-2023-32114 LOW
SAP NetWeaver 702-757 - Authenticated Denial of Service via Benchmark Program Abuse
Jun 13, 2023
CVSS 2.7
EPSS 0.00
CVE-2023-2827 HIGH
SAP Digital Manufacturing JWT Signature Validation Bypass
Jun 13, 2023
CVSS 7.9
EPSS 0.00
CVE-2023-32113 HIGH
SAP GUI for Windows < 7.70 - Unauthenticated Exposure of NTLM Authentication Information via Shortcut File
May 09, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-32112 LOW
SAP S4CORE and Vendor Master Hierarchy - Authenticated Missing Authorization
May 09, 2023
CVSS 2.8
EPSS 0.00
CVE-2023-32111 HIGH
SAP PowerDesigner Proxy 16.7 - Denial of Service via Memory Corruption
May 09, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-31407 MEDIUM
SAP Business Planning and Consolidation <750 - XSS
May 09, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-31406 MEDIUM
SAP BusinessObjects <430 - Open Redirect
May 09, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-31404 MEDIUM
SAP BusinessObjects <430 - Info Disclosure
May 09, 2023
CVSS 5.0
EPSS 0.00
CVE-2023-30744 HIGH
SAP NetWeaver Application Server for Java - Unauthenticated Remote Method Invocation via Open Naming and Directory API
May 09, 2023
CVSS 8.2
EPSS 0.00
CVE-2023-30743 HIGH
SAPUI5 - Cross-Site Scripting via sap.m.FormattedText Control
May 09, 2023
CVSS 7.1
EPSS 0.00
CVE-2023-30742 MEDIUM
SAP CRM WebClient UI S4FND 102-107, WEBCUIF 700-801 - Stored Cross-Site Scripting
May 09, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-30741 MEDIUM
SAP BusinessObjects Business Intelligence Platform 420, 430 - Unauthenticated Open Redirect
May 09, 2023
CVSS 6.1
EPSS 0.01
CVE-2023-30740 MEDIUM
SAP BusinessObjects Business Intelligence Platform 420, 430 - Authenticated Exposure of Sensitive Information
May 09, 2023
CVSS 6.3
EPSS 0.01
CVE-2023-29188 MEDIUM
SAP CRM WebClient UI - S4FND 102-WEBCUIF 801 - XSS
May 09, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-28764 LOW
SAP BusinessObjects Platform - Info Disclosure
May 09, 2023
CVSS 3.7
EPSS 0.01
CVE-2023-28762 CRITICAL
SAP BusinessObjects Business Intelligence Platform - versions 420, ...
May 09, 2023
CVSS 9.1
EPSS 0.00
CVE-2023-29189 MEDIUM
SAP CRM (WebClient UI) - Auth Bypass
Apr 11, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-29187 MEDIUM
SapSetup <9.0 - Privilege Escalation
Apr 11, 2023
CVSS 6.7
EPSS 0.00
Products
3d_visual_enterprise_viewer 131 netweaver 102 netweaver_application_server_abap 78 businessobjects_business_intelligence_platform 73 netweaver_application_server_java 68 businessobjects_business_intelligence 45 hana 38 solution_manager 33 business_one 31 internet_graphics_server 28 3d_visual_enterprise_author 27 businessobjects 23 netweaver_abap 21 netweaver_process_integration 21 netweaver_enterprise_portal 20 business_objects_business_intelligence_platform 18 commerce_cloud 18 hana_extended_application_services 18 sap_basis 18 s\/4hana 17 disclosure_management 16 host_agent 15 adaptive_server_enterprise 14 enable_now 14 s4core 13 abap_platform 12 customer_relationship_management_webclient_ui 12 netweaver_as_abap 12 sap_db 12 sap_kernel 11
Quick Filters
Critical CVEs With Exploits In CISA KEV