sap

1,568 tracked vulnerabilities.

CVE-2020-6313 MEDIUM
SAP NetWeaver Application Server JAVA/XML Forms <7.50 - XSS
Sep 09, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-6312 MEDIUM
SAP BusinessObjects BI Platform 4.1-4.2 - Stored XSS in Web Intelligence HTML Interface
Sep 09, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-6302 HIGH
SAP Commerce <2005 - Session Fixation
Sep 09, 2020
CVSS 8.1
EPSS 0.00
CVE-2020-6288 MEDIUM
SAP Business Objects - Unrestricted File Upload
Sep 09, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-6283 MEDIUM
SAP Fiori Launchpad - Reflected Cross-Site Scripting via Meta Tag Injection
Sep 09, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-6310 MEDIUM
SAP NetWeaver/ABAP Platform <750-740-731-730-702 - Info Disclosure
Aug 12, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-6309 HIGH
SAP NetWeaver AS JAVA - Unauthenticated Denial of Service via Web Service
Aug 12, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-6301 HIGH
SAP ERP (HCM Travel Management) - Privilege Escalation
Aug 12, 2020
CVSS 8.1
EPSS 0.00
CVE-2020-6300 MEDIUM
SAP BusinessObjects Business Intelligence Platform 4.2, 4.3 - Authenticated Stored Cross-Site Scripting in RecycleBin
Aug 12, 2020
CVSS 4.8
EPSS 0.00
CVE-2020-6299 MEDIUM
SAP NetWeaver <755 - Info Disclosure
Aug 12, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-6298 HIGH
SAP Banking Services - Info Disclosure
Aug 12, 2020
CVSS 8.1
EPSS 0.00
CVE-2020-6297 MEDIUM
SAP Data Hub <3.0 - Info Disclosure
Aug 12, 2020
CVSS 4.4
EPSS 0.00
CVE-2020-6296 HIGH
SAP NetWeaver ABAP Server and ABAP Platform - Code Injection
Aug 12, 2020
CVSS 8.8
EPSS 0.01
CVE-2020-6295 HIGH
SAP Adaptive Server Enterprise 16.0 - Info Disclosure
Aug 12, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-6294 CRITICAL
SAP Business Objects Business Intelligence Platform <4.3 - Auth Bypass
Aug 12, 2020
CVSS 9.1
EPSS 0.00
CVE-2020-6293 MEDIUM
SAP NetWeaver - Unrestricted File Upload
Aug 12, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-6284 CRITICAL
SAP NetWeaver Knowledge Management 7.30, 7.31, 7.40, 7.50 - Stored Cross-Site Scripting
Aug 12, 2020
CVSS 9.0
EPSS 0.01
CVE-2020-6273 MEDIUM
SAP S/4 HANA Fiori UI for General Ledger Accounting 103, 104 - Missing Authorization Check in Attachment Service
Aug 12, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-6292 HIGH
SAP Disclosure Mgmt <10.1 - Info Disclosure
Jul 14, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-6291 HIGH
SAP Disclosure Mgmt <10.1 - Insufficient Session Expiration
Jul 14, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-6290 MEDIUM
SAP Disclosure Mgmt <10.1 - Session Fixation
Jul 14, 2020
CVSS 6.3
EPSS 0.00
CVE-2020-6289 HIGH
SAP Disclosure Management 10.1 - Cross-Site Request Forgery
Jul 14, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-6287 CRITICAL KEVNUCLEI
SAP NetWeaver AS JAVA - Missing Authentication Check
Jul 14, 2020
CVSS 10.0
EPSS 0.94
CVE-2020-6286 MEDIUM
SAP NetWeaver AS JAVA <7.50 - Path Traversal
Jul 14, 2020
CVSS 5.3
EPSS 0.86
CVE-2020-6285 MEDIUM
SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) <7.50 - Info Discl...
Jul 14, 2020
CVSS 6.5
EPSS 0.00
Products
3d_visual_enterprise_viewer 131 netweaver 102 netweaver_application_server_abap 78 businessobjects_business_intelligence_platform 73 netweaver_application_server_java 68 businessobjects_business_intelligence 45 hana 38 solution_manager 33 business_one 31 internet_graphics_server 28 3d_visual_enterprise_author 27 businessobjects 23 netweaver_abap 21 netweaver_process_integration 21 netweaver_enterprise_portal 20 business_objects_business_intelligence_platform 18 commerce_cloud 18 hana_extended_application_services 18 sap_basis 18 s\/4hana 17 disclosure_management 16 host_agent 15 adaptive_server_enterprise 14 enable_now 14 s4core 13 abap_platform 12 customer_relationship_management_webclient_ui 12 netweaver_as_abap 12 sap_db 12 sap_kernel 11
Quick Filters
Critical CVEs With Exploits In CISA KEV