sap

1,577 tracked vulnerabilities.

CVE-2021-33698 HIGH
SAP Business One <10.0 - Code Injection
Sep 15, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-33697 MEDIUM
SAP BusinessObjects Business Intelligence Platform 420, 430 - Unauthenticated Reverse Tabnabbing
Sep 15, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-33696 MEDIUM
SAP BusinessObjects Business Intelligence Platform 420, 430 - Cross-Site Scripting
Sep 15, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-33695 CRITICAL
SAP Cloud Connector <2.0 - Info Disclosure
Sep 15, 2021
CVSS 9.1
EPSS 0.01
CVE-2021-33694 MEDIUM
SAP Cloud Connector 2.0 - Authenticated Stored Cross-Site Scripting
Sep 15, 2021
CVSS 4.8
EPSS 0.00
CVE-2021-33693 MEDIUM
SAP Cloud Connector <2.0 - Code Injection
Sep 15, 2021
CVSS 6.8
EPSS 0.01
CVE-2021-33692 HIGH
SAP Cloud Connector <2.0 - Path Traversal
Sep 15, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-33691 MEDIUM
NWDI Notification Service -7.31-7.50-7.40 - XSS
Sep 15, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-33690 CRITICAL NUCLEI
SAP NetWeaver Development Infrastructure Component Build Service 7.11-7.50 - Server-Side Request Forgery
Sep 15, 2021
CVSS 9.9
EPSS 0.68
CVE-2021-38177 HIGH
SAP CommonCryptoLib <8.5.38 - Memory Corruption
Sep 14, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-38176 HIGH
SAP Landscape Transformation - NZDT ABAP Code Injection
Sep 14, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-38175 MEDIUM
SAP Analysis for Microsoft Office <2.8 - Info Disclosure
Sep 14, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-38174 MEDIUM
SAP 3D Visual Enterprise Viewer <9 - Info Disclosure
Sep 14, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-38164 MEDIUM
SAP ERP Financial Accounting - Privilege Escalation
Sep 14, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-38163 CRITICAL KEV
SAP NetWeaver (Visual Composer 7.0 RT) - Command Injection
Sep 14, 2021
CVSS 9.9
EPSS 0.37
CVE-2021-38162 HIGH
SAP Web Dispatcher 7.49, 7.53, 7.77, 7.81 - Unauthenticated HTTP Request Smuggling
Sep 14, 2021
CVSS 8.9
EPSS 0.03
CVE-2021-38150 MEDIUM
SAP Business Client <7.0-7.70 - Info Disclosure
Sep 14, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-37535 CRITICAL
SAP NetWeaver Application Server Java 7.11-7.50 - Missing Authorization in JMS Connector Service
Sep 14, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-37532 MEDIUM
SAP Business One 10 - Authenticated Path Traversal
Sep 14, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-37531 HIGH
SAP NetWeaver Knowledge Management XML Forms 7.10-7.50 - Authenticated OS Command Injection via Malicious XSL Stylesheet
Sep 14, 2021
CVSS 8.8
EPSS 0.03
CVE-2021-33688 MEDIUM
SAP Business One - Authenticated SQL Injection
Sep 14, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-33686 MEDIUM
SAP Business One <10.0 - Info Disclosure
Sep 14, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-33685 MEDIUM
SAP Business One <10.0 - Path Traversal
Sep 14, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-33679 MEDIUM
SAP BusinessObjects BI Platform -420 - XSS
Sep 14, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-33675 MEDIUM
SAP Contact Center 700 - Reflected Cross-Site Scripting
Sep 14, 2021
CVSS 6.1
EPSS 0.01