sap
1,577 tracked vulnerabilities.
CVE-2021-27624
MEDIUM
SAP Internet Graphics Service <=7.81 - Unauthenticated DoS via CiXMLIStreamRawBuffer::readRaw()
Jun 09, 2021
CVSS 5.9
EPSS 0.01
CVE-2021-27623
MEDIUM
SAP Internet Graphics Service <=7.81 - Unauthenticated DoS via Malicious IGS Request
Jun 09, 2021
CVSS 5.9
EPSS 0.01
CVE-2021-27622
MEDIUM
SAP Internet Graphics Service -<7.20,7.20EXT,7.53,7.20_EX2,7.81 - DoS
Jun 09, 2021
CVSS 5.9
EPSS 0.01
CVE-2021-27621
MEDIUM
SAP NetWeaver Application Server for Java <7.51 - Info Disclosure
Jun 09, 2021
CVSS 4.9
EPSS 0.01
CVE-2021-27620
MEDIUM
SAP Internet Graphics Service <=7.81 - Unauthenticated DoS via Ups::AddPart() Memory Corruption
Jun 09, 2021
CVSS 5.9
EPSS 0.01
CVE-2021-27615
MEDIUM
SAP Manufacturing Execution 15.1, 15.2, 15.3, 15.4 - Cross-Site Scripting via Missing HTTP Security Headers
Jun 09, 2021
CVSS 5.4
EPSS 0.01
CVE-2021-27607
HIGH
SAP NetWeaver ABAP Server and ABAP Platform - DoS
Jun 09, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-27606
HIGH
SAP NetWeaver ABAP Server and ABAP Platform - Unauthenticated Denial of Service via EncOAMParamStore()
Jun 09, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-27597
HIGH
SAP NetWeaver AS for ABAP (RFC Gateway) - Unauthenticated Denial of Service via memmove() Input Validation
Jun 09, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-21490
MEDIUM
SAP NetWeaver AS ABAP Web Survey - Reflected Cross-Site Scripting
Jun 09, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-21473
MEDIUM
SAP NetWeaver AS ABAP and ABAP Platform - Missing Authorization in SRM_RFC_SUBMIT_REPORT Function Module
Jun 09, 2021
CVSS 6.3
EPSS 0.01
CVE-2021-33668
HIGH
SAP InfraBox < 1.2.1 - Unauthenticated LDAP Injection
Jun 09, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-27619
MEDIUM
SAP Commerce (Backoffice Search) - Info Disclosure
May 11, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-27618
MEDIUM
SAP NetWeaver Process Integration 7.10-7.50 - Unrestricted Upload of File with Dangerous Type
May 11, 2021
CVSS 4.9
EPSS 0.01
CVE-2021-27617
MEDIUM
SAP NetWeaver Process Integration 7.10-7.50 - Denial of Service via Malicious XML Upload
May 11, 2021
CVSS 4.9
EPSS 0.01
CVE-2021-27616
HIGH
SAP Business One Hana Chef Cookbook <10.0 - Info Disclosure
May 11, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-27614
HIGH
SAP Business One Hana Chef Cookbook - Code Injection
May 11, 2021
CVSS 7.1
EPSS 0.00
CVE-2021-27613
HIGH
SAP Business One Chef <10.0 - Info Disclosure
May 11, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-27612
MEDIUM
SAP GUI for Windows <7.70 - Open Redirect
May 11, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-27611
MEDIUM
SAP NetWeaver AS ABAP - Code Injection
May 11, 2021
CVSS 6.7
EPSS 0.00
CVE-2021-27608
HIGH
SAPSetup <9.0 - Privilege Escalation
Apr 14, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-27604
MEDIUM
SAP NetWeaver ABAP Server/ABAP Platform <7.50 - XSS
Apr 14, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-27599
MEDIUM
SAP NetWeaver ABAP Server/ABAP Platform <7.50 - Info Disclosure
Apr 14, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-27609
MEDIUM
SAP Focused RUN - Privilege Escalation
Apr 13, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-27605
MEDIUM
SAP HCM Travel Management Fiori Apps V2 - Privilege Escalation
Apr 13, 2021
CVSS 4.3
EPSS 0.01
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 86
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 69
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11
Quick Filters