sap
1,577 tracked vulnerabilities.
CVE-2021-42066
MEDIUM
SAP Business One 10.0 - Authenticated Cleartext Storage of Sensitive Database Password
Dec 14, 2021
CVSS 4.4
EPSS 0.00
CVE-2021-42064
CRITICAL
SAP Commerce 1905, 2005, 2011, 2105 - SQL Injection via Flexible Search Java API Parameterized 'in' Clause
Dec 14, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-42063
MEDIUM
NUCLEI
SAP Knowledge Warehouse 7.30-7.50 - Cross-Site Scripting
Dec 14, 2021
CVSS 6.1
EPSS 0.22
CVE-2021-42061
MEDIUM
SAP BusinessObjects Business Intelligence Platform 420 - Cross-Site Scripting in Quick Prompt Workflow
Dec 14, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-42062
MEDIUM
SAP ERP HCM Portugal - Missing Authorization for Payroll Data Report
Nov 10, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-40504
MEDIUM
SAP NetWeaver Application Server ABAP and ABAP Platform 700-756 - Incorrect Authorization in Template Role
Nov 10, 2021
CVSS 4.9
EPSS 0.01
CVE-2021-40503
HIGH
SAP GUI for Windows <7.60 PL13, 7.70 PL4 - Info Disclosure
Nov 10, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-40502
HIGH
SAP Commerce - Privilege Escalation
Nov 10, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-40501
HIGH
SAP ABAP Platform Kernel - Privilege Escalation
Nov 10, 2021
CVSS 8.1
EPSS 0.01
CVE-2021-41251
MEDIUM
@sap-cloud-sdk/core - Info Disclosure
Nov 05, 2021
CVSS 5.9
EPSS 0.02
CVE-2021-40500
HIGH
SAP BusinessObjects Business Intelligence Platform 420 430 - Unauthenticated XML External Entity Injection
Oct 12, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-40499
CRITICAL
SAP Cloud Print Manager/SAPSprint <7.70 - Code Injection
Oct 12, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-40498
MEDIUM
SAP SuccessFactors Mobile App <2108 - DoS
Oct 12, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-40497
MEDIUM
SAP BusinessObjects Analysis <430 - Info Disclosure
Oct 12, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-40496
MEDIUM
SAP NetWeaver ABAP - Authenticated Data Exposure via ICM Authentication Function
Oct 12, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-40495
MEDIUM
SAP NetWeaver ABAP and ABAP Platform 740,750-755 - Unauthenticated Denial of Service via SICF Service
Oct 12, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-38183
MEDIUM
SAP NetWeaver 700, 701, 702, 730 - Cross-Site Scripting
Oct 12, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-38181
HIGH
SAP NetWeaver AS ABAP and ABAP Platform - DoS
Oct 12, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-38180
CRITICAL
SAP Business One 10.0 - Code Injection
Oct 12, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-38179
MEDIUM
SAP Business One Integration - Info Disclosure
Oct 12, 2021
CVSS 4.9
EPSS 0.01
CVE-2021-38178
HIGH
SAP NetWeaver AS/ABAP Platform - Code Injection
Oct 12, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-33705
HIGH
SAP NetWeaver Portal 7.10-7.50 - Unauthenticated Server-Side Request Forgery via Iviews Editor
Sep 15, 2021
CVSS 8.1
EPSS 0.02
CVE-2021-33704
HIGH
SAP Business One <10.0 - Privilege Escalation
Sep 15, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-33701
CRITICAL
SAP DMIS and S/4HANA - Authenticated SQL Injection via NDZT Tool Query Manipulation
Sep 15, 2021
CVSS 9.1
EPSS 0.02
CVE-2021-33700
HIGH
SAP Business One <10.0 - Auth Bypass
Sep 15, 2021
CVSS 7.8
EPSS 0.00
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 86
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 69
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11
Quick Filters