sap
1,568 tracked vulnerabilities.
CVE-2023-29186
HIGH
SAP NetWeaver BI CONT ADDON - Path Traversal
Apr 11, 2023
CVSS 8.7
EPSS 0.01
CVE-2023-29185
MEDIUM
SAP NetWeaver AS ABAP Business Server Pages - Authenticated Denial of Service via Resource Consumption
Apr 11, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-29112
LOW
SAP Application Interface (Message Monitoring) -600,700 - XSS
Apr 11, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-29111
LOW
SAP AIF (ODATA service) - Info Disclosure
Apr 11, 2023
CVSS 3.1
EPSS 0.00
CVE-2023-29110
LOW
SAP ABAP Platform - Cross-Site Scripting via HTML Tag Injection
Apr 11, 2023
CVSS 3.7
EPSS 0.00
CVE-2023-29109
MEDIUM
SAP Application Interface Framework - Code Injection
Apr 11, 2023
CVSS 4.4
EPSS 0.00
CVE-2023-29108
MEDIUM
ABAP Platform/SAP Web Dispatcher <7.91 - Info Disclosure
Apr 11, 2023
CVSS 5.0
EPSS 0.00
CVE-2023-28765
CRITICAL
SAP BusinessObjects <420-430 - Privilege Escalation
Apr 11, 2023
CVSS 9.8
EPSS 0.01
CVE-2023-28763
MEDIUM
SAP NetWeaver AS for ABAP and ABAP Platform - DoS
Apr 11, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-28761
MEDIUM
SAP NetWeaver Enterprise Portal - 7.50 - Info Disclosure
Apr 11, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-27897
MEDIUM
SAP CRM 700-713 - Authenticated Code Injection via Vulnerable Interface
Apr 11, 2023
CVSS 6.0
EPSS 0.01
CVE-2023-27499
MEDIUM
SAP NetWeaver GUI for HTML - Reflected Cross-Site Scripting via Malicious URL
Apr 11, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-27497
CRITICAL
SAP Diagnostics Agent 720 - Unauthenticated Remote Code Execution via EventLogServiceCollector
Apr 11, 2023
CVSS 10.0
EPSS 0.00
CVE-2023-27267
CRITICAL
SAP Diagnostics Agent 720 - Unauthenticated Remote Code Execution via OSCommand Bridge
Apr 11, 2023
CVSS 9.0
EPSS 0.02
CVE-2023-26458
MEDIUM
SAP Landscape Management <3.0 - Info Disclosure
Apr 11, 2023
CVSS 6.8
EPSS 0.00
CVE-2023-24527
MEDIUM
SAP NetWeaver AS Java for Deploy Service -7.5 - Info Disclosure
Apr 11, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-1903
MEDIUM
SAP HCM Fiori App My Forms <605 - Info Disclosure
Apr 11, 2023
CVSS 4.3
EPSS 0.00
CVE-2023-27896
MEDIUM
SAP BusinessObjects Business Intelligence Platform 420, 430 - Server-Side Request Forgery
Mar 14, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-27895
MEDIUM
SAP Authenticator for Android -1.3.0 - Info Disclosure
Mar 14, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-27894
MEDIUM
SAP BusinessObjects BI Platform 420, 430 - Information Disclosure via CMS Injection
Mar 14, 2023
CVSS 5.0
EPSS 0.00
CVE-2023-27893
HIGH
SAP Solution Manager - Authenticated Remote Code Execution via Vulnerable Interface
Mar 14, 2023
CVSS 8.8
EPSS 0.05
CVE-2023-27501
HIGH
SAP NetWeaver AS ABAP and ABAP Platform 700-757, 791 - Path Traversal and Arbitrary File Deletion
Mar 14, 2023
CVSS 8.7
EPSS 0.00
CVE-2023-27500
CRITICAL
SAP NetWeaver Application Server ABAP - Authenticated Path Traversal and Arbitrary File Write via SAPRSBRO
Mar 14, 2023
CVSS 9.6
EPSS 0.00
CVE-2023-27498
HIGH
SAP Host Agent 7.22 - Unauthenticated Stack-based Buffer Overflow via Crafted Request
Mar 14, 2023
CVSS 7.2
EPSS 0.00
CVE-2023-27271
MEDIUM
SAP BusinessObjects Web Services <430 - DoS
Mar 14, 2023
CVSS 6.5
EPSS 0.00
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 78
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 68
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11