sap

1,577 tracked vulnerabilities.

CVE-2023-30743 HIGH
SAPUI5 - Cross-Site Scripting via sap.m.FormattedText Control
May 09, 2023
CVSS 7.1
EPSS 0.00
CVE-2023-30742 MEDIUM
SAP CRM WebClient UI S4FND 102-107, WEBCUIF 700-801 - Stored Cross-Site Scripting
May 09, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-30741 MEDIUM
SAP BusinessObjects Business Intelligence Platform 420, 430 - Unauthenticated Open Redirect
May 09, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-30740 MEDIUM
SAP BusinessObjects Business Intelligence Platform 420, 430 - Authenticated Exposure of Sensitive Information
May 09, 2023
CVSS 6.3
EPSS 0.00
CVE-2023-29188 MEDIUM
SAP CRM WebClient UI - S4FND 102-WEBCUIF 801 - XSS
May 09, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-28764 LOW
SAP BusinessObjects Platform - Info Disclosure
May 09, 2023
CVSS 3.7
EPSS 0.01
CVE-2023-28762 CRITICAL
SAP BusinessObjects Business Intelligence Platform - versions 420, ...
May 09, 2023
CVSS 9.1
EPSS 0.01
CVE-2023-29189 MEDIUM
SAP CRM (WebClient UI) - Auth Bypass
Apr 11, 2023
CVSS 5.4
EPSS 0.00
CVE-2023-29187 MEDIUM
SapSetup <9.0 - Privilege Escalation
Apr 11, 2023
CVSS 6.7
EPSS 0.00
CVE-2023-29186 HIGH
SAP NetWeaver BI CONT ADDON - Path Traversal
Apr 11, 2023
CVSS 8.7
EPSS 0.23
CVE-2023-29185 MEDIUM
SAP NetWeaver AS ABAP Business Server Pages - Authenticated Denial of Service via Resource Consumption
Apr 11, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-29112 LOW
SAP Application Interface (Message Monitoring) -600,700 - XSS
Apr 11, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-29111 LOW
SAP AIF (ODATA service) - Info Disclosure
Apr 11, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-29110 LOW
SAP ABAP Platform - Cross-Site Scripting via HTML Tag Injection
Apr 11, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-29109 MEDIUM
SAP Application Interface Framework - Code Injection
Apr 11, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-29108 MEDIUM
ABAP Platform/SAP Web Dispatcher <7.91 - Info Disclosure
Apr 11, 2023
CVSS 5.0
EPSS 0.00
CVE-2023-28765 CRITICAL
SAP BusinessObjects <420-430 - Privilege Escalation
Apr 11, 2023
CVSS 9.8
EPSS 0.15
CVE-2023-28763 MEDIUM
SAP NetWeaver AS for ABAP and ABAP Platform - DoS
Apr 11, 2023
CVSS 6.5
EPSS 0.01
CVE-2023-28761 MEDIUM
SAP NetWeaver Enterprise Portal - 7.50 - Info Disclosure
Apr 11, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-27897 MEDIUM
SAP CRM 700-713 - Authenticated Code Injection via Vulnerable Interface
Apr 11, 2023
CVSS 6.0
EPSS 0.01
CVE-2023-27499 MEDIUM
SAP NetWeaver GUI for HTML - Reflected Cross-Site Scripting via Malicious URL
Apr 11, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-27497 CRITICAL
SAP Diagnostics Agent 720 - Unauthenticated Remote Code Execution via EventLogServiceCollector
Apr 11, 2023
CVSS 10.0
EPSS 0.01
CVE-2023-27267 CRITICAL
SAP Diagnostics Agent 720 - Unauthenticated Remote Code Execution via OSCommand Bridge
Apr 11, 2023
CVSS 9.0
EPSS 0.14
CVE-2023-26458 MEDIUM
SAP Landscape Management <3.0 - Info Disclosure
Apr 11, 2023
CVSS 6.8
EPSS 0.01
CVE-2023-24527 MEDIUM
SAP NetWeaver AS Java for Deploy Service -7.5 - Info Disclosure
Apr 11, 2023
CVSS 5.3
EPSS 0.00