sap
1,568 tracked vulnerabilities.
CVE-2021-38177
HIGH
SAP CommonCryptoLib <8.5.38 - Memory Corruption
Sep 14, 2021
CVSS 7.5
EPSS 0.03
CVE-2021-38176
HIGH
SAP Landscape Transformation - NZDT ABAP Code Injection
Sep 14, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-38175
MEDIUM
SAP Analysis for Microsoft Office <2.8 - Info Disclosure
Sep 14, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-38174
MEDIUM
SAP 3D Visual Enterprise Viewer <9 - Info Disclosure
Sep 14, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-38164
MEDIUM
SAP ERP Financial Accounting - Privilege Escalation
Sep 14, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-38163
CRITICAL
KEV
SAP NetWeaver (Visual Composer 7.0 RT) - Command Injection
Sep 14, 2021
CVSS 9.9
EPSS 0.85
CVE-2021-38162
HIGH
SAP Web Dispatcher 7.49, 7.53, 7.77, 7.81 - Unauthenticated HTTP Request Smuggling
Sep 14, 2021
CVSS 8.9
EPSS 0.02
CVE-2021-38150
MEDIUM
SAP Business Client <7.0-7.70 - Info Disclosure
Sep 14, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-37535
CRITICAL
SAP NetWeaver Application Server Java 7.11-7.50 - Missing Authorization in JMS Connector Service
Sep 14, 2021
CVSS 9.8
EPSS 0.00
CVE-2021-37532
MEDIUM
SAP Business One 10 - Authenticated Path Traversal
Sep 14, 2021
CVSS 4.3
EPSS 0.00
CVE-2021-37531
HIGH
SAP NetWeaver Knowledge Management XML Forms 7.10-7.50 - Authenticated OS Command Injection via Malicious XSL Stylesheet
Sep 14, 2021
CVSS 8.8
EPSS 0.04
CVE-2021-33688
MEDIUM
SAP Business One - Authenticated SQL Injection
Sep 14, 2021
CVSS 4.3
EPSS 0.00
CVE-2021-33686
MEDIUM
SAP Business One <10.0 - Info Disclosure
Sep 14, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-33685
MEDIUM
SAP Business One <10.0 - Path Traversal
Sep 14, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-33679
MEDIUM
SAP BusinessObjects BI Platform -420 - XSS
Sep 14, 2021
CVSS 5.4
EPSS 0.00
CVE-2021-33675
MEDIUM
SAP Contact Center 700 - Reflected Cross-Site Scripting
Sep 14, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-33674
MEDIUM
SAP Contact Center 700 - Reflected Cross-Site Scripting via Email Creation
Sep 14, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-33673
MEDIUM
SAP Contact Center 700 - Stored Cross-Site Scripting in Employee Directory
Sep 14, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-33672
CRITICAL
SAP Contact Center 700 - Stored Cross-Site Scripting and Remote Code Execution via Chat Message
Sep 14, 2021
CVSS 9.6
EPSS 0.00
CVE-2021-21489
MEDIUM
SAP NetWeaver Enterprise Portal 7.10-7.50 - Stored Cross-Site Scripting via User Data
Sep 14, 2021
CVSS 4.8
EPSS 0.00
CVE-2021-33707
MEDIUM
SAP NetWeaver Knowledge Management - Open Redirect
Aug 10, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-33706
MEDIUM
SAP InfraBox < 1.2.2 - Authenticated Log Modification via Improper Input Validation
Aug 10, 2021
CVSS 4.3
EPSS 0.00
CVE-2021-33703
MEDIUM
NetWeaver Enterprise Portal -7.30-7.50 - XSS
Aug 10, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-33702
MEDIUM
NetWeaver Enterprise Portal <7.50 - XSS
Aug 10, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-33699
MEDIUM
SAP Fiori Client - Task Hijacking via AndroidManifest.xml Misconfiguration
Aug 10, 2021
CVSS 6.5
EPSS 0.02
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 78
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 68
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11