sap
1,577 tracked vulnerabilities.
CVE-2021-21487
HIGH
SAP Payment Engine 500 - Authenticated Privilege Escalation
Mar 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21486
HIGH
SAP Enterprise Financial Services 101-105, 600-606, 616-618, 800 - Authenticated Privilege Escalation
Mar 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21484
CRITICAL
SAP HANA 2.0 - Incorrect Authorization via LDAP Unauthenticated Bind
Mar 09, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-21481
HIGH
SAP NetWeaver 7.10-7.50 - Unauthenticated Incorrect Authorization in MigrationService
Mar 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21480
HIGH
SAP Manufacturing Integration and Intelligence - Remote Code Execution via JSP Dashboard Injection
Mar 09, 2021
CVSS 8.8
EPSS 0.51
CVE-2021-21479
CRITICAL
NUCLEI
SAP SCIMono < 0.0.19 - Remote Code Execution via Java Expression Injection
Feb 09, 2021
CVSS 9.1
EPSS 0.10
CVE-2021-21478
MEDIUM
SAP Web Dynpro ABAP - Open Redirect via Reverse Tabnabbing
Feb 09, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-21477
CRITICAL
SAP Commerce Cloud 1808,1811,1905,2005,2011 - Authenticated Remote Code Execution via Drools Rule Injection
Feb 09, 2021
CVSS 9.9
EPSS 0.30
CVE-2021-21476
MEDIUM
SAP UI5 < 1.38.49, 1.52.49, 1.60.34, 1.71.31, 1.78.18, 1.84.5, 1.85.4, 1.86.1 - Open Redirect via Reverse Tabnabbing
Feb 09, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-21475
HIGH
SAP Master Data Management 710, 710.750 - Unauthenticated Path Traversal
Feb 09, 2021
CVSS 7.5
EPSS 0.02
CVE-2021-21474
MEDIUM
SAP HANA Database 1.0, 2.0 - SAML Token Tampering via MD5 Digest Weakness
Feb 09, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-21472
HIGH
SAP Software Provisioning Manager 1.0 - Authenticated Security Bypass via Missing Password Configuration
Feb 09, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21444
MEDIUM
SAP Business Objects BI Platform - XSS
Feb 09, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-21471
MEDIUM
CLA-Assistant <2.8.5 - Privilege Escalation
Jan 12, 2021
CVSS 6.5
EPSS 0.01
CVE-2021-21470
MEDIUM
SAP EPM Add-in 1010 & SAP Analysis Office 2.8 - Authenticated XXE in Logging Service
Jan 12, 2021
CVSS 4.4
EPSS 0.00
CVE-2021-21469
HIGH
SAP NetWeaver Master Data Management - Exposure of Sensitive Information via SMB Relay Attack
Jan 12, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-21468
MEDIUM
SAP Business Warehouse - Missing Authorization in BW Database Interface
Jan 12, 2021
CVSS 6.5
EPSS 0.02
CVE-2021-21467
MEDIUM
SAP Banking Services - Missing Authorization for Business Partner Generic Market Data
Jan 12, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21466
HIGH
SAP Business Warehouse and BW/4HANA - Code Injection via Remote Function Module
Jan 12, 2021
CVSS 8.8
EPSS 0.03
CVE-2021-21465
CRITICAL
SAP Business Warehouse - Authenticated SQL Injection via BW Database Interface
Jan 12, 2021
CVSS 9.9
EPSS 0.04
CVE-2021-21464
MEDIUM
SAP 3D Visual Enterprise Viewer 9 - Denial of Service via PCX File Parsing
Jan 12, 2021
CVSS 4.3
EPSS 0.01
CVE-2021-21463
HIGH
SAP 3D Visual Enterprise Viewer 9 - Denial of Service via PCX File Parsing
Jan 12, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21462
HIGH
SAP 3D Visual Enterprise Viewer 9 - Denial of Service via PCX File Parsing
Jan 12, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21461
HIGH
SAP 3D Visual Enterprise Viewer 9 - Denial of Service via BMP File Parsing
Jan 12, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-21460
HIGH
SAP 3D Visual Enterprise Viewer 9 - Denial of Service via Manipulated DIB File
Jan 12, 2021
CVSS 8.8
EPSS 0.01
Products
3d_visual_enterprise_viewer 131
netweaver 102
netweaver_application_server_abap 86
businessobjects_business_intelligence_platform 73
netweaver_application_server_java 69
businessobjects_business_intelligence 45
hana 38
solution_manager 33
business_one 31
internet_graphics_server 28
3d_visual_enterprise_author 27
businessobjects 23
netweaver_abap 21
netweaver_process_integration 21
netweaver_enterprise_portal 20
business_objects_business_intelligence_platform 18
commerce_cloud 18
hana_extended_application_services 18
sap_basis 18
s\/4hana 17
disclosure_management 16
host_agent 15
adaptive_server_enterprise 14
enable_now 14
s4core 13
abap_platform 12
customer_relationship_management_webclient_ui 12
netweaver_as_abap 12
sap_db 12
sap_kernel 11
Quick Filters