sap
1,577 tracked vulnerabilities.
CVE-2023-30743
HIGH
SAPUI5 - Cross-Site Scripting via sap.m.FormattedText Control
May 09, 2023
CVSS 7.1
EPSS 0.00
CVE-2023-30742
MEDIUM
SAP CRM WebClient UI S4FND 102-107, WEBCUIF 700-801 - Stored Cross-Site Scripting
May 09, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-30741
MEDIUM
SAP BusinessObjects Business Intelligence Platform 420, 430 - Unauthenticated Open Redirect
May 09, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-30740
MEDIUM
SAP BusinessObjects Business Intelligence Platform 420, 430 - Authenticated Exposure of Sensitive Information
May 09, 2023
CVSS 6.3
EPSS 0.00
CVE-2023-29188
MEDIUM
SAP CRM WebClient UI - S4FND 102-WEBCUIF 801 - XSS
May 09, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-28764
LOW
SAP BusinessObjects Platform - Info Disclosure
May 09, 2023
CVSS 3.7
EPSS 0.01
CVE-2023-28762
CRITICAL
SAP BusinessObjects Business Intelligence Platform - versions 420, ...
May 09, 2023
CVSS 9.1
EPSS 0.01
CVE-2023-29189
MEDIUM
SAP CRM (WebClient UI) - Auth Bypass
Apr 11, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-29187
MEDIUM
SapSetup <9.0 - Privilege Escalation
Apr 11, 2023
CVSS 6.7
EPSS 0.00
CVE-2023-29186
HIGH
SAP NetWeaver BI CONT ADDON - Path Traversal
Apr 11, 2023
CVSS 8.7
EPSS 0.23
CVE-2023-29185
MEDIUM
SAP NetWeaver AS ABAP Business Server Pages - Authenticated Denial of Service via Resource Consumption
Apr 11, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-29112
LOW
SAP Application Interface (Message Monitoring) -600,700 - XSS
Apr 11, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-29111
LOW
SAP AIF (ODATA service) - Info Disclosure
Apr 11, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-29110
LOW
SAP ABAP Platform - Cross-Site Scripting via HTML Tag Injection
Apr 11, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-29109
MEDIUM
SAP Application Interface Framework - Code Injection
Apr 11, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-29108
MEDIUM
ABAP Platform/SAP Web Dispatcher <7.91 - Info Disclosure
Apr 11, 2023
CVSS 5.0
EPSS 0.00
CVE-2023-28765
CRITICAL
SAP BusinessObjects <420-430 - Privilege Escalation
Apr 11, 2023
CVSS 9.8
EPSS 0.15
CVE-2023-28763
MEDIUM
SAP NetWeaver AS for ABAP and ABAP Platform - DoS
Apr 11, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-28761
MEDIUM
SAP NetWeaver Enterprise Portal - 7.50 - Info Disclosure
Apr 11, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-27897
MEDIUM
SAP CRM 700-713 - Authenticated Code Injection via Vulnerable Interface
Apr 11, 2023
CVSS 6.0
EPSS 0.01
CVE-2023-27499
MEDIUM
SAP NetWeaver GUI for HTML - Reflected Cross-Site Scripting via Malicious URL
Apr 11, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-27497
CRITICAL
SAP Diagnostics Agent 720 - Unauthenticated Remote Code Execution via EventLogServiceCollector
Apr 11, 2023
CVSS 10.0
EPSS 0.01
CVE-2023-27267
CRITICAL
SAP Diagnostics Agent 720 - Unauthenticated Remote Code Execution via OSCommand Bridge
Apr 11, 2023
CVSS 9.0
EPSS 0.14
CVE-2023-26458
MEDIUM
SAP Landscape Management <3.0 - Info Disclosure
Apr 11, 2023
CVSS 6.8
EPSS 0.01
CVE-2023-24527
MEDIUM
SAP NetWeaver AS Java for Deploy Service -7.5 - Info Disclosure
Apr 11, 2023
CVSS 5.3
EPSS 0.00
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 86
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 69
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11
Quick Filters