sap
1,568 tracked vulnerabilities.
CVE-2022-39801
HIGH
SAP GRC Access Control - Authenticated Firefighter Session Reuse
Sep 13, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-39799
MEDIUM
SAP NetWeaver Application Server ABAP - Unauthenticated Reflected Cross-Site Scripting in Fiori Launchpad
Sep 13, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-39014
MEDIUM
SAP BusinessObjects <4.30 - Info Disclosure
Sep 13, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-35298
MEDIUM
SAP NetWeaver Enterprise Portal 7.50 - Cross-Site Scripting in KMC Servlet
Sep 13, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-35295
MEDIUM
SAP Host Agent 7.22 - Privilege Escalation via SAPOSCOL File Handling
Sep 13, 2022
CVSS 4.9
EPSS 0.01
CVE-2022-35294
MEDIUM
SAP NetWeaver Application Server ABAP - Stored Cross-Site Scripting via Malicious File Upload
Sep 13, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-35292
HIGH
SAP Business One - Privilege Escalation
Sep 13, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-35293
CRITICAL
SAP Enable Now Manager - Unauthenticated Account Access via Insecure Session Management
Aug 10, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-35290
HIGH
SAP Authenticator < 1.2.17 - Exposure of Sensitive Information
Aug 10, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-32245
HIGH
SAP BusinessObjects BI Platform 420, 430 - Cleartext Transmission of Sensitive Info
Aug 10, 2022
CVSS 8.2
EPSS 0.01
CVE-2022-35291
HIGH
SAP SuccessFactors Mobile - Improper Privilege Management in Attachment APIs
Jul 27, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-35228
HIGH
SAP BusinessObjects Business Intelligence Platform - Cross-Site Request Forgery
Jul 12, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-35227
MEDIUM
SAP NetWeaver Enterprise Portal 7.30, 7.31, 7.40, 7.50 - Cross-Site Scripting
Jul 12, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-35225
MEDIUM
SAP NetWeaver Enterprise Portal 7.10-7.50 - Reflected Cross-Site Scripting
Jul 12, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-35224
MEDIUM
SAP Enterprise Portal 7.10-7.50 - Cross-Site Scripting
Jul 12, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-35172
MEDIUM
SAP NetWeaver Enterprise Portal 7.10-7.50 - Reflected Cross-Site Scripting
Jul 12, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-35171
MEDIUM
SAP 3D Visual Enterprise Viewer - Denial of Service via Malformed JPEG 2000 File
Jul 12, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-35170
MEDIUM
SAP NetWeaver Enterprise Portal 7.10-7.50 - Reflected Cross-Site Scripting
Jul 12, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-35169
MEDIUM
SAP BusinessObjects BI Platform 420, 430 - Sensitive Info Exposure via LCMBIAR Password Decryption
Jul 12, 2022
CVSS 6.0
EPSS 0.00
CVE-2022-35168
HIGH
SAP Business One 10.0 - Denial of Service via XML External Entity Injection
Jul 12, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-32249
HIGH
SAP Business One - Exposure of Sensitive Information via HANA Cockpit Data Volume
Jul 12, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-32248
MEDIUM
SAP S/4HANA 101-106 - Improper Input Validation in Manage Checkbooks Component
Jul 12, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-32247
MEDIUM
SAP NetWeaver Enterprise Portal 7.10-7.50 - Unauthenticated Cross-Site Scripting
Jul 12, 2022
CVSS 6.1
EPSS 0.02
CVE-2022-32246
MEDIUM
SAP Business Objects BI Platform 4.2/4.3 - Authenticated SQL Injection
Jul 12, 2022
CVSS 4.6
EPSS 0.00
CVE-2022-31598
MEDIUM
SAP Business Objects <420 - Info Disclosure
Jul 12, 2022
CVSS 5.4
EPSS 0.00
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 78
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 68
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11