sap

1,577 tracked vulnerabilities.

CVE-2022-39802 HIGH
SAP Manufacturing Execution 15.1-15.3 - Path Traversal via File Path Request Parameter
Oct 11, 2022
CVSS 7.5
EPSS 0.06
CVE-2022-39800 MEDIUM
SAP BusinessObjects Business Intelligence LaunchPad 420, 430 - Unauthenticated Cross-Site Scripting
Oct 11, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-39015 MEDIUM
BOE AdminTools/BOE SDK - Info Disclosure
Oct 11, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-39013 HIGH
SAP Business Objects Business Intelligence Platform - Authenticated Exposure of OS Credentials
Oct 11, 2022
CVSS 7.6
EPSS 0.01
CVE-2022-35299 CRITICAL
SAP SQL Anywhere 17.0 and SAP IQ 16.1 - Stack-based Buffer Overflow
Oct 11, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-35297 MEDIUM
SAP Enable Now - Stored Cross-Site Scripting
Oct 11, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-35296 MEDIUM
SAP BusinessObjects Business Intelligence Platform - Exposure of Sensitive Information via Version Management System
Oct 11, 2022
CVSS 4.9
EPSS 0.01
CVE-2022-35226 MEDIUM
SAP Data Services - Authenticated Stored Cross-Site Scripting in Management Console
Oct 11, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-32244 MEDIUM
SAP BusinessObjects Business Intelligence - Authenticated Exposure of Sensitive System Data via Commentary Database
Sep 13, 2022
CVSS 5.2
EPSS 0.00
CVE-2022-39801 HIGH
SAP GRC Access Control - Authenticated Firefighter Session Reuse
Sep 13, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-39799 MEDIUM
SAP NetWeaver Application Server ABAP - Unauthenticated Reflected Cross-Site Scripting in Fiori Launchpad
Sep 13, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-39014 MEDIUM
SAP BusinessObjects <4.30 - Info Disclosure
Sep 13, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-35298 MEDIUM
SAP NetWeaver Enterprise Portal 7.50 - Cross-Site Scripting in KMC Servlet
Sep 13, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-35295 MEDIUM
SAP Host Agent 7.22 - Privilege Escalation via SAPOSCOL File Handling
Sep 13, 2022
CVSS 4.9
EPSS 0.01
CVE-2022-35294 MEDIUM
SAP NetWeaver Application Server ABAP - Stored Cross-Site Scripting via Malicious File Upload
Sep 13, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-35292 HIGH
SAP Business One - Privilege Escalation
Sep 13, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-35293 CRITICAL
SAP Enable Now Manager - Unauthenticated Account Access via Insecure Session Management
Aug 10, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-35290 HIGH
SAP Authenticator < 1.2.17 - Exposure of Sensitive Information
Aug 10, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-32245 HIGH
SAP BusinessObjects BI Platform 420, 430 - Cleartext Transmission of Sensitive Info
Aug 10, 2022
CVSS 8.2
EPSS 0.00
CVE-2022-35291 HIGH
SAP SuccessFactors Mobile - Improper Privilege Management in Attachment APIs
Jul 27, 2022
CVSS 8.1
EPSS 0.01
CVE-2022-35228 HIGH
SAP BusinessObjects Business Intelligence Platform - Cross-Site Request Forgery
Jul 12, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-35227 MEDIUM
SAP NetWeaver Enterprise Portal 7.30, 7.31, 7.40, 7.50 - Cross-Site Scripting
Jul 12, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-35225 MEDIUM
SAP NetWeaver Enterprise Portal 7.10-7.50 - Reflected Cross-Site Scripting
Jul 12, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-35224 MEDIUM
SAP Enterprise Portal 7.10-7.50 - Cross-Site Scripting
Jul 12, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-35172 MEDIUM
SAP NetWeaver Enterprise Portal 7.10-7.50 - Reflected Cross-Site Scripting
Jul 12, 2022
CVSS 6.1
EPSS 0.01