sap

1,568 tracked vulnerabilities.

CVE-2021-41251 MEDIUM
@sap-cloud-sdk/core - Info Disclosure
Nov 05, 2021
CVSS 5.9
EPSS 0.00
CVE-2021-40500 HIGH
SAP BusinessObjects Business Intelligence Platform 420 430 - Unauthenticated XML External Entity Injection
Oct 12, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-40499 CRITICAL
SAP Cloud Print Manager/SAPSprint <7.70 - Code Injection
Oct 12, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-40498 MEDIUM
SAP SuccessFactors Mobile App <2108 - DoS
Oct 12, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-40497 MEDIUM
SAP BusinessObjects Analysis <430 - Info Disclosure
Oct 12, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-40496 MEDIUM
SAP NetWeaver ABAP - Authenticated Data Exposure via ICM Authentication Function
Oct 12, 2021
CVSS 4.3
EPSS 0.00
CVE-2021-40495 MEDIUM
SAP NetWeaver ABAP and ABAP Platform 740,750-755 - Unauthenticated Denial of Service via SICF Service
Oct 12, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-38183 MEDIUM
SAP NetWeaver 700, 701, 702, 730 - Cross-Site Scripting
Oct 12, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-38181 HIGH
SAP NetWeaver AS ABAP and ABAP Platform - DoS
Oct 12, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-38180 CRITICAL
SAP Business One 10.0 - Code Injection
Oct 12, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-38179 MEDIUM
SAP Business One Integration - Info Disclosure
Oct 12, 2021
CVSS 4.9
EPSS 0.00
CVE-2021-38178 HIGH
SAP NetWeaver AS/ABAP Platform - Code Injection
Oct 12, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-33705 HIGH
SAP NetWeaver Portal 7.10-7.50 - Unauthenticated Server-Side Request Forgery via Iviews Editor
Sep 15, 2021
CVSS 8.1
EPSS 0.01
CVE-2021-33704 HIGH
SAP Business One <10.0 - Privilege Escalation
Sep 15, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-33701 CRITICAL
SAP DMIS and S/4HANA - Authenticated SQL Injection via NDZT Tool Query Manipulation
Sep 15, 2021
CVSS 9.1
EPSS 0.01
CVE-2021-33700 HIGH
SAP Business One <10.0 - Auth Bypass
Sep 15, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-33698 HIGH
SAP Business One <10.0 - Code Injection
Sep 15, 2021
CVSS 8.8
EPSS 0.00
CVE-2021-33697 MEDIUM
SAP BusinessObjects Business Intelligence Platform 420, 430 - Unauthenticated Reverse Tabnabbing
Sep 15, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-33696 MEDIUM
SAP BusinessObjects Business Intelligence Platform 420, 430 - Cross-Site Scripting
Sep 15, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-33695 CRITICAL
SAP Cloud Connector <2.0 - Info Disclosure
Sep 15, 2021
CVSS 9.1
EPSS 0.00
CVE-2021-33694 MEDIUM
SAP Cloud Connector 2.0 - Authenticated Stored Cross-Site Scripting
Sep 15, 2021
CVSS 4.8
EPSS 0.00
CVE-2021-33693 MEDIUM
SAP Cloud Connector <2.0 - Code Injection
Sep 15, 2021
CVSS 6.8
EPSS 0.00
CVE-2021-33692 HIGH
SAP Cloud Connector <2.0 - Path Traversal
Sep 15, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-33691 MEDIUM
NWDI Notification Service -7.31-7.50-7.40 - XSS
Sep 15, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-33690 CRITICAL NUCLEI
SAP NetWeaver Development Infrastructure Component Build Service 7.11-7.50 - Server-Side Request Forgery
Sep 15, 2021
CVSS 9.9
EPSS 0.93
Products
3d_visual_enterprise_viewer 131 netweaver 102 netweaver_application_server_abap 78 businessobjects_business_intelligence_platform 73 netweaver_application_server_java 68 businessobjects_business_intelligence 45 hana 38 solution_manager 33 business_one 31 internet_graphics_server 28 3d_visual_enterprise_author 27 businessobjects 23 netweaver_abap 21 netweaver_process_integration 21 netweaver_enterprise_portal 20 business_objects_business_intelligence_platform 18 commerce_cloud 18 hana_extended_application_services 18 sap_basis 18 s\/4hana 17 disclosure_management 16 host_agent 15 adaptive_server_enterprise 14 enable_now 14 s4core 13 abap_platform 12 customer_relationship_management_webclient_ui 12 netweaver_as_abap 12 sap_db 12 sap_kernel 11
Quick Filters
Critical CVEs With Exploits In CISA KEV