sap
1,577 tracked vulnerabilities.
CVE-2022-39802
HIGH
SAP Manufacturing Execution 15.1-15.3 - Path Traversal via File Path Request Parameter
Oct 11, 2022
CVSS 7.5
EPSS 0.06
CVE-2022-39800
MEDIUM
SAP BusinessObjects Business Intelligence LaunchPad 420, 430 - Unauthenticated Cross-Site Scripting
Oct 11, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-39015
MEDIUM
BOE AdminTools/BOE SDK - Info Disclosure
Oct 11, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-39013
HIGH
SAP Business Objects Business Intelligence Platform - Authenticated Exposure of OS Credentials
Oct 11, 2022
CVSS 7.6
EPSS 0.01
CVE-2022-35299
CRITICAL
SAP SQL Anywhere 17.0 and SAP IQ 16.1 - Stack-based Buffer Overflow
Oct 11, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-35297
MEDIUM
SAP Enable Now - Stored Cross-Site Scripting
Oct 11, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-35296
MEDIUM
SAP BusinessObjects Business Intelligence Platform - Exposure of Sensitive Information via Version Management System
Oct 11, 2022
CVSS 4.9
EPSS 0.01
CVE-2022-35226
MEDIUM
SAP Data Services - Authenticated Stored Cross-Site Scripting in Management Console
Oct 11, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-32244
MEDIUM
SAP BusinessObjects Business Intelligence - Authenticated Exposure of Sensitive System Data via Commentary Database
Sep 13, 2022
CVSS 5.2
EPSS 0.00
CVE-2022-39801
HIGH
SAP GRC Access Control - Authenticated Firefighter Session Reuse
Sep 13, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-39799
MEDIUM
SAP NetWeaver Application Server ABAP - Unauthenticated Reflected Cross-Site Scripting in Fiori Launchpad
Sep 13, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-39014
MEDIUM
SAP BusinessObjects <4.30 - Info Disclosure
Sep 13, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-35298
MEDIUM
SAP NetWeaver Enterprise Portal 7.50 - Cross-Site Scripting in KMC Servlet
Sep 13, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-35295
MEDIUM
SAP Host Agent 7.22 - Privilege Escalation via SAPOSCOL File Handling
Sep 13, 2022
CVSS 4.9
EPSS 0.01
CVE-2022-35294
MEDIUM
SAP NetWeaver Application Server ABAP - Stored Cross-Site Scripting via Malicious File Upload
Sep 13, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-35292
HIGH
SAP Business One - Privilege Escalation
Sep 13, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-35293
CRITICAL
SAP Enable Now Manager - Unauthenticated Account Access via Insecure Session Management
Aug 10, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-35290
HIGH
SAP Authenticator < 1.2.17 - Exposure of Sensitive Information
Aug 10, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-32245
HIGH
SAP BusinessObjects BI Platform 420, 430 - Cleartext Transmission of Sensitive Info
Aug 10, 2022
CVSS 8.2
EPSS 0.00
CVE-2022-35291
HIGH
SAP SuccessFactors Mobile - Improper Privilege Management in Attachment APIs
Jul 27, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-35228
HIGH
SAP BusinessObjects Business Intelligence Platform - Cross-Site Request Forgery
Jul 12, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-35227
MEDIUM
SAP NetWeaver Enterprise Portal 7.30, 7.31, 7.40, 7.50 - Cross-Site Scripting
Jul 12, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-35225
MEDIUM
SAP NetWeaver Enterprise Portal 7.10-7.50 - Reflected Cross-Site Scripting
Jul 12, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-35224
MEDIUM
SAP Enterprise Portal 7.10-7.50 - Cross-Site Scripting
Jul 12, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-35172
MEDIUM
SAP NetWeaver Enterprise Portal 7.10-7.50 - Reflected Cross-Site Scripting
Jul 12, 2022
CVSS 6.1
EPSS 0.01
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 86
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 69
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11
Quick Filters