sap

1,568 tracked vulnerabilities.

CVE-2022-29617 MEDIUM
SAP Contributor License Agreement Assistant < 2.13.0 - Authenticated Denial of Service
Jun 06, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-29616 HIGH
SAP NetWeaver AS ABAP Kernel - Memory Corruption via Logical Errors in Memory Management
May 11, 2022
CVSS 7.5
EPSS 0.00
CVE-2022-29613 MEDIUM
SAP Employee Self Service - Authenticated Employee Number Tampering via Insufficient Input Validation
May 11, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-29611 HIGH
SAP NetWeaver Application Server ABAP and ABAP Platform - Missing Authorization
May 11, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-29610 MEDIUM
SAP NetWeaver Application Server ABAP - Authenticated Stored Cross-Site Scripting via Theme File Upload
May 11, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-28774 MEDIUM
SAP Host Agent - Unprotected Sensitive Information Exposure in Logfile
May 11, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-28214 HIGH
SAP BusinessObjects - Cleartext Storage of Sensitive Information in Sysmon Event Logs
May 11, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-27656 MEDIUM
SAP Web Dispatcher and Internet Communication Manager - Cross-Site Scripting in Web Administration UI
May 11, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-28773 HIGH
SAP Web Dispatcher/SAP Internet Communication Manager - DoS
Apr 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-28772 HIGH
SAP Web Dispatcher and Internet Communication Manager - Stack-based Buffer Overflow
Apr 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-28770 MEDIUM
SAPUI5 library (vbm) 750, 753, 754, 755, 75 - Unauthenticated Cross-Site Scripting via URL Injection
Apr 12, 2022
CVSS 6.1
EPSS 0.01
CVE-2022-28216 MEDIUM
SAP BusinessObjects Business Intelligence Platform 420 - Unauthenticated Cross-Site Scripting
Apr 12, 2022
CVSS 6.1
EPSS 0.02
CVE-2022-28215 MEDIUM
SAP NetWeaver ABAP Server and ABAP Platform 740, 750, 787 - Unauthenticated Open Redirect
Apr 12, 2022
CVSS 4.7
EPSS 0.00
CVE-2022-28213 HIGH
SAP BusinessObjects Business Intelligence Platform 420, 430 - XML External Entity Injection via SOAP Web Services
Apr 12, 2022
CVSS 8.1
EPSS 0.13
CVE-2022-27671 MEDIUM
SAP BusinessObjects Business Intelligence Platform - Information Disclosure via CSRF Token in URL
Apr 12, 2022
CVSS 6.5
EPSS 0.01
CVE-2022-27670 MEDIUM
SAP SQL Anywhere 17.0 - Authenticated Denial of Service via Indirect Identifier Queries
Apr 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-27669 HIGH
SAP NetWeaver Application Server for Java 7.50 - Unauthenticated Missing Authorization in XML Data Archiving Service
Apr 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-27667 HIGH
SAP BusinessObjects Business Intelligence Platform 430 - Information Disclosure via Client Management Console
Apr 12, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-27657 LOW
SAP Focused Run Simple Diagnostics Agent 1.0 - Path Traversal
Apr 12, 2022
CVSS 2.7
EPSS 0.00
CVE-2022-27655 MEDIUM
SAP 3D Visual Enterprise Viewer 9.0 - Denial of Service via Malformed Universal 3D File
Apr 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-27654 MEDIUM
SAP 3D Visual Enterprise Viewer 9.0 - Denial of Service via Malformed Photoshop Document
Apr 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-26109 MEDIUM
SAP 3D Visual Enterprise Viewer <9.0 - DoS
Apr 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-26108 MEDIUM
SAP 3D Visual Enterprise Viewer <9.0 - DoS
Apr 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-26107 MEDIUM
SAP 3D Visual Enterprise Viewer <9.0 - DoS
Apr 12, 2022
CVSS 6.5
EPSS 0.00
CVE-2022-26106 MEDIUM
SAP 3D Visual Enterprise Viewer <9.0 - DoS
Apr 12, 2022
CVSS 6.5
EPSS 0.00
Products
3d_visual_enterprise_viewer 131 netweaver 102 netweaver_application_server_abap 78 businessobjects_business_intelligence_platform 73 netweaver_application_server_java 68 businessobjects_business_intelligence 45 hana 38 solution_manager 33 business_one 31 internet_graphics_server 28 3d_visual_enterprise_author 27 businessobjects 23 netweaver_abap 21 netweaver_process_integration 21 netweaver_enterprise_portal 20 business_objects_business_intelligence_platform 18 commerce_cloud 18 hana_extended_application_services 18 sap_basis 18 s\/4hana 17 disclosure_management 16 host_agent 15 adaptive_server_enterprise 14 enable_now 14 s4core 13 abap_platform 12 customer_relationship_management_webclient_ui 12 netweaver_as_abap 12 sap_db 12 sap_kernel 11
Quick Filters
Critical CVEs With Exploits In CISA KEV